imperva.com
Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4
About this certificate
This digital certificate with serial number 01:b8:f6:8a:c2:43:e7:2d:18:1e:d9:e5:e0:4d:69:f2 was issued on by GlobalSign nv-sa.
With 31 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=imperva.com
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate will expire on
Certificate Details
Serial Number (hex): 01:b8:f6:8a:c2:43:e7:2d:18:1e:d9:e5:e0:4d:69:f2Serial Number (int): 2289611084126431069710513097570871794
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 67:d5:a9:50:02:ab:bf:b6:56:f9:2d:f2:e6:20:4f:9c:cc:5b:47:4c
AuthorityKeyId: aa:11:71:8f:95:c4:58:98:8b:b1:6e:0f:3b:50:68:24:bc:b8:19:bc
Fingerprint (sha1): 8f:63:ee:d3:f5:ce:6f:98:c2:f5:1c:d2:a0:b8:c5:c8:a2:ed:73:a8
Fingerprint (sha256): 1c:04:d5:0b:d9:7e:ea:b8:89:23:d7:86:ed:39:c1:28:e5:d5:8a:fb:6d:e5:8d:ba:8c:67:98:b0:dd:cc:f0:de
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsatlasr3dvtlsca2023q4.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2023q4CRL Distribution Point: http://crl.globalsign.com/ca/gsatlasr3dvtlsca2023q4.crl
Check the revocation status for certificate imperva.com
31
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for imperva.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.gmo.media
api.yomipo.yomiuri.co.jp
*.reserve.coeteco.jp
dev.yomipo.yomiuri.co.jp
*.www.pointtown.com
www.affi.town
api.prcm.jp
secure.prcm.jp
*.prican.jp
*.pointtown.com
iam.affi.town
*.blockchaingame.jp
affi.town
gmo.media
prican.jp
devapi.yomipo.yomiuri.co.jp
gesoten.com
*.coeteco.jp
*.pointmall.town
*.prcm.jp
imperva.com
coeteco.jp
news.prcm.jp
st.coeteco.jp
*.gesoten.com
*.dev.pointmall.town
prcm.jp
*.staging-college.coeteco.jp
legacy-api.prcm.jp
pointtown.com
t.affi.town
api.yomipo.yomiuri.co.jp
*.reserve.coeteco.jp
dev.yomipo.yomiuri.co.jp
*.www.pointtown.com
www.affi.town
api.prcm.jp
secure.prcm.jp
*.prican.jp
*.pointtown.com
iam.affi.town
*.blockchaingame.jp
affi.town
gmo.media
prican.jp
devapi.yomipo.yomiuri.co.jp
gesoten.com
*.coeteco.jp
*.pointmall.town
*.prcm.jp
imperva.com
coeteco.jp
news.prcm.jp
st.coeteco.jp
*.gesoten.com
*.dev.pointmall.town
prcm.jp
*.staging-college.coeteco.jp
legacy-api.prcm.jp
pointtown.com
t.affi.town
Other certificates including the domain name imperva.com
(limited to 100 certificates)
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
Certificate
The complete raw certificate details for imperva.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIVzCCBz+gAwIBAgIQAbj2isJD5y0YHtnl4E1p8jANBgkqhkiG9w0BAQsFADBY MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEuMCwGA1UE AxMlR2xvYmFsU2lnbiBBdGxhcyBSMyBEViBUTFMgQ0EgMjAyMyBRNDAeFw0yMzEy MTExMjMzMzRaFw0yNDA2MDgxMjMzMzRaMBYxFDASBgNVBAMMC2ltcGVydmEuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn706OJkgWQY/n+SqROzV eOXPJ7fLCPRKAdByIy++EEcGqLqaYHb+eG9HZvirJUYzBEOXjlynS6rhjuFaSdPf cLM5XHvjN2V0OCPQfItiD4F6/Dbz6CC4MZFV5OTVTBOT9iiI/f4KdaOt5sGRGmHI JsPQYceoL9oUek7PX7OGQqxCodjAtdHGPeDZOLWrwoOWN6RHqawBW9xdxtHPwb2a d4LKnv4katZrGbYdmy2KZbziX5iqJtWObrPkI7oLdheSExs24QC8Xt7TjdFCDB6p K8QE0AWNqSUG9AXnccYGpVPV/OdQPz76gMygL4ISAoYBAbWfY11Vs6mgYITaJS+S iQIDAQABo4IFXTCCBVkwggIRBgNVHREEggIIMIICBIINd3d3Lmdtby5tZWRpYYIY YXBpLnlvbWlwby55b21pdXJpLmNvLmpwghQqLnJlc2VydmUuY29ldGVjby5qcIIY ZGV2LnlvbWlwby55b21pdXJpLmNvLmpwghMqLnd3dy5wb2ludHRvd24uY29tgg13 d3cuYWZmaS50b3duggthcGkucHJjbS5qcIIOc2VjdXJlLnByY20uanCCCyoucHJp Y2FuLmpwgg8qLnBvaW50dG93bi5jb22CDWlhbS5hZmZpLnRvd26CEyouYmxvY2tj aGFpbmdhbWUuanCCCWFmZmkudG93boIJZ21vLm1lZGlhgglwcmljYW4uanCCG2Rl dmFwaS55b21pcG8ueW9taXVyaS5jby5qcIILZ2Vzb3Rlbi5jb22CDCouY29ldGVj by5qcIIQKi5wb2ludG1hbGwudG93boIJKi5wcmNtLmpwggtpbXBlcnZhLmNvbYIK Y29ldGVjby5qcIIMbmV3cy5wcmNtLmpwgg1zdC5jb2V0ZWNvLmpwgg0qLmdlc290 ZW4uY29tghQqLmRldi5wb2ludG1hbGwudG93boIHcHJjbS5qcIIcKi5zdGFnaW5n LWNvbGxlZ2UuY29ldGVjby5qcIISbGVnYWN5LWFwaS5wcmNtLmpwgg1wb2ludHRv d24uY29tggt0LmFmZmkudG93bjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRn1alQAqu/tlb5LfLmIE+czFtH TDBXBgNVHSAEUDBOMAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQwMgYIKwYBBQUH AgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAwGA1Ud EwEB/wQCMAAwgZ4GCCsGAQUFBwEBBIGRMIGOMEAGCCsGAQUFBzABhjRodHRwOi8v b2NzcC5nbG9iYWxzaWduLmNvbS9jYS9nc2F0bGFzcjNkdnRsc2NhMjAyM3E0MEoG CCsGAQUFBzAChj5odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9n c2F0bGFzcjNkdnRsc2NhMjAyM3E0LmNydDAfBgNVHSMEGDAWgBSqEXGPlcRYmIux bg87UGgkvLgZvDBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsLmdsb2JhbHNp Z24uY29tL2NhL2dzYXRsYXNyM2R2dGxzY2EyMDIzcTQuY3JsMIIBfwYKKwYBBAHW eQIEAgSCAW8EggFrAWkAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1 mwAAAYxY3m2AAAAEAwBIMEYCIQCEs/UdkFYze+gG6Ctnc6mucJhtvwlht1Aekk74 Uix3+wIhAMcZVsBSY6E4g7UR8VaeLVrHj4fqWuP6aCJr3SIMh+w1AHYA2ra/az+1 tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGMWN5tswAABAMARzBFAiEAll8I UtiBRkHljDObsSZ7Ebsmecm2nr1G1UAJr9XAeCECIGi6/cz9RuTSUSp9Uk0VN3qo 8xL6e8gtJniCPxkcml4yAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznY hHMAAAGMWN5vmQAABAMARzBFAiEA97IPOZDLjzvfR4t/CETToYM7EEohqTnTlTq0 7ZWfHrACICPaHbMVek5a7WZU8fbzmIM1o4MMDhbG7rk0cW/b+YKlMA0GCSqGSIb3 DQEBCwUAA4IBAQA2t1zemGRrJK5Wo8QSqOpInUlJXKccNk16WmosysR0Al/z2z6+ gAMgSHxFEuS/XQophGFXcHZmD5Y3rRvMypx7ZkLWA6FreoihhsRUAFZ1V3LSwjZQ DaeSmSWdtn0nwYPIldHxsNLWHimhb/ZG2Ry/hi0YkrcwC5QdxNVZwGOjwJQw+Bv9 PyLASrgOSQnNockul0ZDm/1ZJ6ktxAouzfhfe+V/6uBO+3tqJJiQXIv8oLnlOuB9 K3CrS1HCp1yAq691Iww5/hZicaMzgD3aMCyTxHc/i4UvF1Er3aAkLAXotN6MF4wr D8CXM5QeVTwXChdXQZJwNmYHQDROq4PNNo7G -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn706OJkgWQY/n+SqROzV eOXPJ7fLCPRKAdByIy++EEcGqLqaYHb+eG9HZvirJUYzBEOXjlynS6rhjuFaSdPf cLM5XHvjN2V0OCPQfItiD4F6/Dbz6CC4MZFV5OTVTBOT9iiI/f4KdaOt5sGRGmHI JsPQYceoL9oUek7PX7OGQqxCodjAtdHGPeDZOLWrwoOWN6RHqawBW9xdxtHPwb2a d4LKnv4katZrGbYdmy2KZbziX5iqJtWObrPkI7oLdheSExs24QC8Xt7TjdFCDB6p K8QE0AWNqSUG9AXnccYGpVPV/OdQPz76gMygL4ISAoYBAbWfY11Vs6mgYITaJS+S iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2289611084126431069710513097570871794 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Atlas R3 DV TLS CA 2023 Q4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 12:33:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-08 12:33:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'imperva.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20165202011190749243381847586640839858635633626960724743038851452015699500904709028763202136970051499410996171974528016655808504091625181985257018035088255714095449369840953569897184591865923122182789282589957800498167780979154003097611132520523028436231988522569994929636647129828525392470338729009480699331903114222624136806931997013779674101323505028200065103087303549553038526522605219052187065567114971891277280337561422932990923053561355678974027225464968005315886615208186660294960489335659042492097539198303095077435361075341894599132588370273765975636264631995491310329645022620689328949630094038859741368969 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (520 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gmo.media' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.yomipo.yomiuri.co.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reserve.coeteco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.yomipo.yomiuri.co.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.www.pointtown.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.affi.town' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.prcm.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.prcm.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prican.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pointtown.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iam.affi.town' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.blockchaingame.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'affi.town' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gmo.media' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prican.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'devapi.yomipo.yomiuri.co.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gesoten.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.coeteco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pointmall.town' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prcm.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imperva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'coeteco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'news.prcm.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'st.coeteco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gesoten.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev.pointmall.town' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prcm.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging-college.coeteco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy-api.prcm.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pointtown.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 't.affi.town' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 67d5a95002abbfb656f92df2e6204f9ccc5b474c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.10.1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (145 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2023q4' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsatlasr3dvtlsca2023q4.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName aa11718f95c458988bb16e0f3b506824bcb819bc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/ca/gsatlasr3dvtlsca2023q4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c58de6d80000004030048304602210084b3f51d9056337be806e82b6773a9ae70986dbf0961b7501e924ef8522c77fb022100c71956c05263a13883b511f1569e2d5ac78f87ea5ae3fa68226bdd220c87ec35007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c58de6db30000040300473045022100965f0852d8814641e58c339bb1267b11bb2679c9b69ebd46d54009afd5c07821022068bafdccfd46e4d2512a7d524d15377aa8f312fa7bc82d2678823f191c9a5e3200760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c58de6f990000040300473045022100f7b20f3990cb8f3bdf478b7f0844d3a1833b104a21a939d3953ab4ed959f1eb0022023da1db3157a4e5aed6654f1f6f3988335a3830c0e16c6eeb934716fdbf982a5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0036b75cde98646b24ae56a3c412a8ea489d49495ca71c364d7a5a6a2ccac474025ff3db3ebe800320487c4512e4bf5d0a298461577076660f9637ad1bccca9c7b6642d603a16b7a88a186c4540056755772d2c236500da79299259db67d27c183c895d1f1b0d2d61e29a16ff646d91cbf862d1892b7300b941dc4d559c063a3c09430f81bfd3f22c04ab80e4909cda1c92e9746439bfd5927a92dc40a2ecdf85f7be57feae04efb7b6a2498905c8bfca0b9e53ae07d2b70ab4b51c2a75c80abaf75230c39fe166271a333803dda302c93c4773f8b852f17512bdda0242c05e8b4de8c178c2b0fc09733941e553c170a175741927036660740344eab83cd368ec6