production-athenizer.use1.huffpo.net
- Oath Inc -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 05:6c:fd:dc:59:87:62:40:e1:71:8e:ba:24:e9:ae:78 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Oath Inc
Organization:
Oath Inc
State / Province:
California
Locality: Sunnyvale
Country: US
Locality: Sunnyvale
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 05:6c:fd:dc:59:87:62:40:e1:71:8e:ba:24:e9:ae:78Serial Number (int): 7212056947179652607671408397971467896
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 28:2f:35:06:df:fa:12:64:91:80:91:7a:af:8c:37:79:72:80:bf:0f
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): cd:28:eb:c3:38:91:73:98:1b:5b:db:a7:69:c2:a7:4c:c4:a9:3c:d9
Fingerprint (sha256): 19:67:6d:c2:ab:32:77:aa:88:4e:41:1e:65:93:8e:ee:48:d9:4b:b2:d1:7b:4c:c2:ea:b3:8e:17:0b:d7:c9:4b
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate production-athenizer.use1.huffpo.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for production-athenizer.use1.huffpo.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
production-athenizer.use1.huffpo.net
Other certificates including the domain name huffpo.net
(limited to 100 certificates)
qa-athena-mongo-image.huffpo.net
production-athenizer.use1.huffpo.net
staging-origin-life.huffpo.net
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
production-athena-mongo-cms.huffpo.net
buildbot.office.aol.com
staging-content-transform.use1.huffpo.net
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
production-modulous-tag-manager.use1.huffpo.net
beta-origin-cambria-alb.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
qa.preview.www.huffpost.com
*.utils.huffpo.net
qa.preview.www.huffpost.com
www.huffpost.com
origin-kraken.huffpo.net
origin-hanami.huffpo.net
beta-origin-cambria-alb.huffpo.net
qa.preview.www.huffpost.com
www.huffingtonpost.com
www.huffingtonpost.com
staging-modulous-api-lb.use1.huffpo.net
qa-origin-life.huffpo.net
staging-athena-mongo-cms.huffpo.net
beta.www.huffpost.com
src5.yahoo.com
src5.yahoo.com
qa-origin-life.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
origin-kraken.huffpo.net
src5.yahoo.com
staging-modulous-api-varnish.use1.huffpo.net
qa-origin-life.huffpo.net
staging-mtkiller-mongo.use1.huffpo.net
origin-identifiers.huffpost.net
www.huffingtonpost.com
staging-origin-hanami-alb.huffpo.net
origin-hanami-alb.huffpo.net
qa.preview.www.huffpost.com
production-athenizer.use1.huffpo.net
*.stage.buzzfeed.io
staging.modulous.aol.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
staging.preview.www.huffpost.com
*.use1.huffpo.net
preview.www.huffpost.com
preview.beta.www.huffpost.com
staging-athena-mongo-cms.huffpo.net
*.app-west.buzzfeed.io
*.edge.huffpo.net
qa.mapi.huffpost.com
beta.www.huffpost.com
preview.www.huffpost.com
origin-kraken.huffpo.net
qa-origin-life.huffpo.net
qa.www.huffpost.com
*.edge.huffpo.net
*.app-west.buzzfeed.io
src5.yahoo.com
www.huffpost.com
staging.preview.www.huffpost.com
origin-identifiers.huffpost.net
production-trait-manager.use1.huffpo.net
production-athenizer.use1.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
*.amp.edge.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
*.games.yahoo.com
src5.yahoo.com
www.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.cambria-production.huffpo.net
production-athenizer.use1.huffpo.net
www.huffingtonpost.com
qa.preview.www.huffpost.com
*.utils.huffpo.net
origin-hanami.huffpo.net
staging.preview.www.huffpost.com
modulous.aol.com
*.stage.buzzfeed.io
staging-audiogram.use1.huffpo.net
src5.yahoo.com
www.huffingtonpost.com
qa-athena-mongo-cms.huffpo.net
staging-content-transform.use1.huffpo.net
*.app-west.buzzfeed.io
*.use1.huffpo.net
src5.yahoo.com
origin-identifiers.huffpost.net
*.use1.huffpo.net
src5.yahoo.com
beta-preview-origin-cambria-alb.huffpo.net
*.app-west.buzzfeed.io
production-athenizer.use1.huffpo.net
staging-origin-life.huffpo.net
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
production-athena-mongo-cms.huffpo.net
buildbot.office.aol.com
staging-content-transform.use1.huffpo.net
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
production-modulous-tag-manager.use1.huffpo.net
beta-origin-cambria-alb.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
qa.preview.www.huffpost.com
*.utils.huffpo.net
qa.preview.www.huffpost.com
www.huffpost.com
origin-kraken.huffpo.net
origin-hanami.huffpo.net
beta-origin-cambria-alb.huffpo.net
qa.preview.www.huffpost.com
www.huffingtonpost.com
www.huffingtonpost.com
staging-modulous-api-lb.use1.huffpo.net
qa-origin-life.huffpo.net
staging-athena-mongo-cms.huffpo.net
beta.www.huffpost.com
src5.yahoo.com
src5.yahoo.com
qa-origin-life.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
origin-kraken.huffpo.net
src5.yahoo.com
staging-modulous-api-varnish.use1.huffpo.net
qa-origin-life.huffpo.net
staging-mtkiller-mongo.use1.huffpo.net
origin-identifiers.huffpost.net
www.huffingtonpost.com
staging-origin-hanami-alb.huffpo.net
origin-hanami-alb.huffpo.net
qa.preview.www.huffpost.com
production-athenizer.use1.huffpo.net
*.stage.buzzfeed.io
staging.modulous.aol.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
staging.preview.www.huffpost.com
*.use1.huffpo.net
preview.www.huffpost.com
preview.beta.www.huffpost.com
staging-athena-mongo-cms.huffpo.net
*.app-west.buzzfeed.io
*.edge.huffpo.net
qa.mapi.huffpost.com
beta.www.huffpost.com
preview.www.huffpost.com
origin-kraken.huffpo.net
qa-origin-life.huffpo.net
qa.www.huffpost.com
*.edge.huffpo.net
*.app-west.buzzfeed.io
src5.yahoo.com
www.huffpost.com
staging.preview.www.huffpost.com
origin-identifiers.huffpost.net
production-trait-manager.use1.huffpo.net
production-athenizer.use1.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
*.amp.edge.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
*.games.yahoo.com
src5.yahoo.com
www.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.cambria-production.huffpo.net
production-athenizer.use1.huffpo.net
www.huffingtonpost.com
qa.preview.www.huffpost.com
*.utils.huffpo.net
origin-hanami.huffpo.net
staging.preview.www.huffpost.com
modulous.aol.com
*.stage.buzzfeed.io
staging-audiogram.use1.huffpo.net
src5.yahoo.com
www.huffingtonpost.com
qa-athena-mongo-cms.huffpo.net
staging-content-transform.use1.huffpo.net
*.app-west.buzzfeed.io
*.use1.huffpo.net
src5.yahoo.com
origin-identifiers.huffpost.net
*.use1.huffpo.net
src5.yahoo.com
beta-preview-origin-cambria-alb.huffpo.net
*.app-west.buzzfeed.io
Certificate
The complete raw certificate details for production-athenizer.use1.huffpo.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgIQBWz93FmHYkDhcY66JOmueDANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xOTA0MjgwMDAwMDBaFw0xOTEwMjUxMjAwMDBa MHgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlT dW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMS0wKwYDVQQDEyRwcm9kdWN0aW9u LWF0aGVuaXplci51c2UxLmh1ZmZwby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVbpi0YJWEwdCFc0H0+ZhpKn2IlgCs2h3aw7ek0M8lJXn8ke8v O2o11di6ZCUQeW1fN4s3sxgMDF6usFz1Jt+UPv/rMZDf5Yvkpp9UfvHQEEQtC8q8 OBtAlzDq9M3HnKYFGYP4ZePxK3PJz2Ba4Nnmsm/07UYNK4U7rqX58hFfI+b6wEE8 GHMsIS5gX8RkQ23sclVs6vSs3N0BDXMgKJABsXzty2RWyt+yJIrewySe+0UwStGh l7kS2n4ghuGjbUsNz6NFfkDks1aPla5ty3oPvt16HTrgJEq9EiafeIIXeftb1NRY LjlN31lWOoOr9JuQnKO/NLmUPR1WiavGTH5FAgMBAAGjggISMIICDjAfBgNVHSME GDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUKC81Bt/6EmSRgJF6 r4w3eXKAvw8wLwYDVR0RBCgwJoIkcHJvZHVjdGlvbi1hdGhlbml6ZXIudXNlMS5o dWZmcG8ubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQu Y29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGln aWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCG SAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20v Q1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRw Oi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRz LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0Eu Y3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcN AQELBQADggEBAGhiHF5y7OI+Vbxxg2pJj9LGi8Ke9U+ctqd6O2qbVkTU65HZnvAV +QU3ea/uU6XX2+qqtMoeJxwpAmZMsHzg/gYUYrUd93Zxl6XXF+VC5VirJhMWylJm 7jnIJ2QbJiNH05hghgzOu+XV4ryHlLONXGrBNYe/Y9ssgjGCPusButRqrxZdytgy Ow73vKwwVy/i0zSq+oYAttGoUMlt/y0/hkUcihvUGi+D6PcGU8AkHk9N5gKuJj5K uJcatV3g1dZAC0NHIM9jz/ZRRcn+OJfs5vyn7cngwMDcLosuE0dEvonyitA1nPAH 7fxCGmUDGFuy9HO86KisSgPeIr4sLZuY9Cs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1W6YtGCVhMHQhXNB9PmY aSp9iJYArNod2sO3pNDPJSV5/JHvLztqNdXYumQlEHltXzeLN7MYDAxerrBc9Sbf lD7/6zGQ3+WL5KafVH7x0BBELQvKvDgbQJcw6vTNx5ymBRmD+GXj8Stzyc9gWuDZ 5rJv9O1GDSuFO66l+fIRXyPm+sBBPBhzLCEuYF/EZENt7HJVbOr0rNzdAQ1zICiQ AbF87ctkVsrfsiSK3sMknvtFMErRoZe5Etp+IIbho21LDc+jRX5A5LNWj5Wubct6 D77deh064CRKvRImn3iCF3n7W9TUWC45Td9ZVjqDq/SbkJyjvzS5lD0dVomrxkx+ RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7212056947179652607671408397971467896 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-25 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sunnyvale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oath Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'production-athenizer.use1.huffpo.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26943296125701877824892930669371814140348671824859441792300934978503421007610887831274573260895624479747865647029587129015690742293394041859406610853257806819964411756895569061092615498671526287108081802660353405837096684889246698613077052790413860381811841811158273309306679521382489636020170344179715951775292860017403848648854914140667208227298800098802689250187663313128462420003960240488164237558811956551620299048768706204791119593624821928197953023016373938338744207178982678185555196456673400240145604077606584332203360226713690248008792071105903355191360440001052028208298415554059438242853456553112922521157 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 282f3506dffa12649180917aaf8c37797280bf0f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'production-athenizer.use1.huffpo.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0068621c5e72ece23e55bc71836a498fd2c68bc29ef54f9cb6a77a3b6a9b5644d4eb91d99ef015f9053779afee53a5d7dbeaaab4ca1e271c2902664cb07ce0fe061462b51df7767197a5d717e542e558ab261316ca5266ee39c827641b262347d39860860ccebbe5d5e2bc8794b38d5c6ac13587bf63db2c8231823eeb01bad46aaf165dcad8323b0ef7bcac30572fe2d334aafa8600b6d1a850c96dff2d3f86451c8a1bd41a2f83e8f70653c0241e4f4de602ae263e4ab8971ab55de0d5d6400b434720cf63cff65145c9fe3897ece6fca7edc9e0c0c0dc2e8b2e134744be89f28ad0359cf007edfc421a6503185bb2f473bce8a8ac4a03de22be2c2d9b98f42b