PROD-SEC-MA01.hnz.co.nz

- Housing New Zealand Limited -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 09:54:22:48:ce:77:b6:5b:81:c0:31:69:4f:7e:f3:2a was issued on by DigiCert Inc.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Housing New Zealand Limited

Organization: Housing New Zealand Limited
Organization unit: ICT
Locality: Wellington
Country: NZ

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 09:54:22:48:ce:77:b6:5b:81:c0:31:69:4f:7e:f3:2a
Serial Number (int): 12399900268434028915191891342774956842
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 98:27:57:44:40:b8:2c:48:af:73:03:c6:c7:8b:df:10:88:dc:ee:fb
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 7a:51:3f:da:46:30:c4:9c:b3:cb:cd:af:bf:32:36:b9:8d:ff:19:cb
Fingerprint (sha256): 19:e3:97:ac:75:59:54:58:89:00:40:2c:0b:8d:4a:a5:bd:09:3a:b0:9c:5c:3f:e8:73:a2:54:09:77:82:fe:33

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate PROD-SEC-MA01.hnz.co.nz

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for PROD-SEC-MA01.hnz.co.nz

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

PROD-SEC-MA01.hnz.co.nz
hnzc.co.nz
hnz.co.nz
housingnz.co.nz
hlc.co.nz
close2home.co.nz

Other certificates including the domain name hnz.co.nz

(limited to 100 certificates)
mail.hnzc.co.nz
mail.hnzc.co.nz
digital-api.dev.hnz.co.nz
digital-api.hnz.co.nz
iam.systest1.hnz.co.nz
iam.hnz.co.nz
mail-dr.hnzc.co.nz
PROD-SEC-MA01.hnz.co.nz
iam.systest1.hnz.co.nz
digital-api.dev.hnz.co.nz
iam.hnz.co.nz
iam.uat.hnz.co.nz
iam.systest2.hnz.co.nz
my.kaingaora.govt.nz
iam.systest2.hnz.co.nz
webauth03.hnz.co.nz
PRDR-SEC-MA01.hnz.co.nz
my.kaingaora.govt.nz
my.hnz.co.nz
iam.hnz.co.nz
my.hnz.co.nz
iam.hnz.co.nz
mail.hnzc.co.nz
iam.systest1.hnz.co.nz
iam.dev.hnz.co.nz
mail-dr.hnzc.co.nz
iam.hnz.co.nz
iam.uat.hnz.co.nz
workorder-api.hnz.co.nz
my.kaingaora.govt.nz
iam.uat.hnz.co.nz
workorder-api.hnz.co.nz
mail.hnzc.co.nz
iam.dev.hnz.co.nz
workorder-api.npe.hnz.co.nz
webauth02.hnz.co.nz
workorder-api.npe.hnz.co.nz
my.kaingaora.govt.nz
mail-dr.hnzc.co.nz

Certificate

The complete raw certificate details for PROD-SEC-MA01.hnz.co.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIQCVQiSM53tluBwDFpT37zKjANBgkqhkiG9w0BAQ0FADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI5MDAwMDAwWhcN
MjAwOTAxMTIwMDAwWjB4MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3Rv
bjEkMCIGA1UEChMbSG91c2luZyBOZXcgWmVhbGFuZCBMaW1pdGVkMQwwCgYDVQQL
EwNJQ1QxIDAeBgNVBAMTF1BST0QtU0VDLU1BMDEuaG56LmNvLm56MIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsjjs79rlMWifPrNDa2zqp8wcJqQjqeeD
ksOgd7z8mXkxCyTGgzURhLyqRepV6WKkHAt2Q0v3IUwIPTG4WBN2pgSuxNlHKcOz
VxFcfcLZ28LZ2t5Z2IShh5/zmiaGoZ+zk2N1IqYjHxzGkjoCLK7MXnr422B5CleS
FdFUUPT+iX4QRZ9B1tXBJ2LqlqDYU9aaruOqMRLppgF3EwkZvx0/EyLSd2ecL26h
HdKDO7RA+WX29NN+MFVBA1kGtE064AmybSzGOv/VDCJIgGW6v7wsTzbZVtWNnL+k
8Z4ZONzhxajhIsYiclZ/t6S87+PplhVZ/H79ryAp3a+lMMQm6sbiYdty3EyzaVmu
zghDC2/3dYoeDH7jgpSDBm/Rhro7/Za8Gc1im/lq2/PhGcQ+xx9ZQddZQ5a3nL+v
ia7GWVkru5TpIj942cubrR4JoL/5lzaqe8SwLl4MZnMxhUzpb2EObnVwdGAw7Xkf
ApDKGcgaYirt9HP43b/sINGOMLQyKWvkflIZD5WBZMo+qXZ+6mjOT/KGul1cQxyf
FKFbT2+vR/jHaRUhFuI7QpAWFMXLIEnUKSh5Jo4qLJ2uGG7wjm+fTd8tmZ3sH3Ie
ZKmflHgXlzy1NbkuWPaI5oasASkyQxxf8w50L8kjU8aassmju8R4Q1HJ67WIF86C
RZyksRFz2ocCAwEAAaOCAjgwggI0MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4
tCzhxtniMB0GA1UdDgQWBBSYJ1dEQLgsSK9zA8bHi98QiNzu+zBnBgNVHREEYDBe
ghdQUk9ELVNFQy1NQTAxLmhuei5jby5ueoIKaG56Yy5jby5ueoIJaG56LmNvLm56
gg9ob3VzaW5nbnouY28ubnqCCWhsYy5jby5ueoIQY2xvc2UyaG9tZS5jby5uejAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsG
A1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNo
YTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1z
aGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB
FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEF
BQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBG
BggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkC
BAMBAf8EAgUAMA0GCSqGSIb3DQEBDQUAA4IBAQBdWzJyv9jPK//xb9BJk43nl4YC
6I47jcCMAE2SPtonWs9Y5CCwmSCLkn0t/4Z9dCxIAdWSCIkVa6IiSu8BL0E8fnbR
o4Z6YBnHxXNw/jx1eKYdpKQoyH1XQcqSHCw7UU1RC4UlKGb9BzHQNWYM0tQoIj2C
ILdCz2uqjVbsmnccz769734MgH2o+zlksT4qREIAF/GyFpQThKAlC9yxkQ7n6zNl
CaUnCN3ZrkrfHElQAXLpxW9TlBuG4LWWsNg4hKOCa1X/KbABzH9+2zrxAwDjWiD1
ZgAToF4ePrYZbqh07LUkwzI09ayGjvCLbk2vL6sSM2Q3NbUkjlK9P6tgrR/W
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsjjs79rlMWifPrNDa2zq
p8wcJqQjqeeDksOgd7z8mXkxCyTGgzURhLyqRepV6WKkHAt2Q0v3IUwIPTG4WBN2
pgSuxNlHKcOzVxFcfcLZ28LZ2t5Z2IShh5/zmiaGoZ+zk2N1IqYjHxzGkjoCLK7M
Xnr422B5CleSFdFUUPT+iX4QRZ9B1tXBJ2LqlqDYU9aaruOqMRLppgF3EwkZvx0/
EyLSd2ecL26hHdKDO7RA+WX29NN+MFVBA1kGtE064AmybSzGOv/VDCJIgGW6v7ws
TzbZVtWNnL+k8Z4ZONzhxajhIsYiclZ/t6S87+PplhVZ/H79ryAp3a+lMMQm6sbi
Ydty3EyzaVmuzghDC2/3dYoeDH7jgpSDBm/Rhro7/Za8Gc1im/lq2/PhGcQ+xx9Z
QddZQ5a3nL+via7GWVkru5TpIj942cubrR4JoL/5lzaqe8SwLl4MZnMxhUzpb2EO
bnVwdGAw7XkfApDKGcgaYirt9HP43b/sINGOMLQyKWvkflIZD5WBZMo+qXZ+6mjO
T/KGul1cQxyfFKFbT2+vR/jHaRUhFuI7QpAWFMXLIEnUKSh5Jo4qLJ2uGG7wjm+f
Td8tmZ3sH3IeZKmflHgXlzy1NbkuWPaI5oasASkyQxxf8w50L8kjU8aassmju8R4
Q1HJ67WIF86CRZyksRFz2ocCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12399900268434028915191891342774956842
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-01 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wellington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Housing New Zealand Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ICT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PROD-SEC-MA01.hnz.co.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 727083815673069032202261351572662677135108634101208980736884539248827604664944382688391891112994763638478578567378113396834399089710277316150574479949131848136633013147876933980843097155885109734939106522187072642761321815190993326115330587938768240004688562149104236006165137422256101296939750302308025556873265939135500467395527454068855568678083942581971467637968034291705716473673606738094578388255255384983289562786650038231673648731102153193559559346488618667183893296959614348874425435552053194103726248952201342003538888718670844076748178547298993509584494107187306838136172139388216505684836097183188875821414360351313895125789799331303619032566872659028117868186088208519197248062380115302190518495016236797500129810961849720734519720410443479702885525438308243910873591573696057030084353803055031677994289859919060259277765445779714228115647387458866797736112534995269850283003668527789435382669228739188977875972619474833295877465503989762314870463093012659564491523091047900349587850928484483387225942340626071313627966262747194906347664470996158111809954471798714110824481059001735181295059914231920895831581462972049622323255122043284859104447446371811312146641116812540668877779285784919045515886340882428084289264263
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9827574440b82c48af7303c6c78bdf1088dceefb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'PROD-SEC-MA01.hnz.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hnzc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hnz.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'housingnz.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hlc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'close2home.co.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005d5b3272bfd8cf2bfff16fd049938de7978602e88e3b8dc08c004d923eda275acf58e420b099208b927d2dff867d742c4801d5920889156ba2224aef012f413c7e76d1a3867a6019c7c57370fe3c7578a61da4a428c87d5741ca921c2c3b514d510b85252866fd0731d035660cd2d428223d8220b742cf6baa8d56ec9a771ccfbebdef7e0c807da8fb3964b13e2a44420017f1b216941384a0250bdcb1910ee7eb336509a52708ddd9ae4adf1c49500172e9c56f53941b86e0b596b0d83884a3826b55ff29b001cc7f7edb3af10300e35a20f5660013a05e1e3eb6196ea874ecb524c33234f5ac868ef08b6e4daf2fab1233643735b5248e52bd3fab60ad1fd6