dev.einsteinmed.edu

- Montefiore Medical Center -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0e:7c:56:ff:7c:9d:16:63:00:10:dc:8b:46:5e:4f:0e was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Montefiore Medical Center

Organization: Montefiore Medical Center
State / Province: New York
Locality: Bronx
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0e:7c:56:ff:7c:9d:16:63:00:10:dc:8b:46:5e:4f:0e
Serial Number (int): 19254801280420544317474944028174601998
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ce:81:d8:d5:53:78:21:ca:b1:9b:b6:35:cf:b1:ff:9c:65:50:19:b4
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 45:24:7f:86:12:dc:4b:c8:23:ca:08:64:a8:73:35:bf:c6:60:1d:99
Fingerprint (sha256): 1d:23:6c:6e:7c:d1:07:5c:ca:81:f4:72:af:c7:b7:7a:9e:25:fb:3f:24:b6:75:a4:e2:42:ed:3b:4f:3d:16:ce

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate dev.einsteinmed.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dev.einsteinmed.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dev.einsteinmed.edu
www.dev.einsteinmed.edu

Other certificates including the domain name einsteinmed.edu

(limited to 100 certificates)
*.thescholr.com
*.thescholr.com
*.thescholr.com
itsupport.einsteinmed.edu
*.d8.theopenscholar.com
*.thescholr.com
*.d8.theopenscholar.com
OAS.EINSTEINMED.EDU
*.thescholr.com
cg3.einsteinmed.edu
dev.einsteinmed.edu
magazine.einsteinmed.edu
interview.einsteinmed.edu
*.safecluster.einsteinmed.edu
*.safecluster.einsteinmed.edu
helpme.einsteinmed.edu
*.hpc.einsteinmed.edu
*.thescholr.com
*.thescholr.com
einsteinmed.edu
*.thescholr.com
academiccommons.einsteinmed.edu
libcal.einsteinmed.edu
montefioreeinstein.org
*.thescholr.com
montefioreeinstein.org
grad.apply.einsteinmed.edu
*.d8.theopenscholar.com
*.thescholr.com
colab.einsteinmed.edu
*.d8.theopenscholar.com
interview.einsteinmed.edu
*.thescholr.com
beyondalbert.apply.einsteinmed.edu
einsteinmed.edu
*.thescholr.com
*.thescholr.com
einsteinmed.edu
*.d8.theopenscholar.com
printing.einsteinmed.edu
*.thescholr.com
media.einsteinmed.edu
*.thescholr.com
media.einsteinmed.edu
*.d8.theopenscholar.com
*.thescholr.com
transportation.einsteinmed.edu
*.thescholr.com
streaming.einsteinmed.edu
*.thescholr.com
eep.apply.einsteinmed.edu
*.d8.theopenscholar.com
cg4.einsteinmed.edu
einsteincsc.einsteinmed.edu
library.einsteinmed.edu
*.thescholr.com
*.thescholr.com
infoed.einsteinmed.edu
Montefiore.org
eng.einsteinmed.edu
*.thescholr.com
*.thescholr.com
intranet.einsteinmed.edu
Montefiore.org
einsteinmed.edu
magazine.einsteinmed.edu

Certificate

The complete raw certificate details for dev.einsteinmed.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG3TCCBcWgAwIBAgIQDnxW/3ydFmMAENyLRl5PDjANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMTEwMjYwMDAwMDBa
Fw0yMjEwMjYyMzU5NTlaMHIxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9y
azEOMAwGA1UEBxMFQnJvbngxIjAgBgNVBAoTGU1vbnRlZmlvcmUgTWVkaWNhbCBD
ZW50ZXIxHDAaBgNVBAMTE2Rldi5laW5zdGVpbm1lZC5lZHUwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCzwCBir89K3OV3YQUmBT4geNA5KOyrS22dSyww
AX+c4uMc3YakRuXsQYzlzR+ZSwYezBL/x2luqTbRclTDKShkkGHyTSIXG4vZMOs0
fityvkWyXEwV/e3y1/CweremboxcY9iO2F9i67Vvl74ZdoBBUYTO+zaSc5kMMoQm
rOwoRszxYBw7lEIajUC9gc21doSOPMY4VOtbjYfkLsg/YO5HCDkUPEdOFjoUyZMQ
DXNCpXn8EX47aDGbFSJNv7AU/qT+AbMNTqPl1xvNRk4baeok3AbA5UOOygI//Kgg
ulOBmPVY9BnzlgnOpskYrGR61Rqk+oTw2cSRA7smgsvMGvaFAgMBAAGjggOQMIID
jDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNVHQ4EFgQUzoHY
1VN4Icqxm7Y1z7H/nGVQGbQwNwYDVR0RBDAwLoITZGV2LmVpbnN0ZWlubWVkLmVk
dYIXd3d3LmRldi5laW5zdGVpbm1lZC5lZHUwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpo
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIw
Q0ExLTQuY3JsMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNl
cnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIC
MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/Bggr
BgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
bTBJBggrBgEFBQcwAoY9aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lD
ZXJ0VExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYK
KwYBBAHWeQIEAgSCAW8EggFrAWkAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlN
XSZcJV3HhAAAAXy96emxAAAEAwBIMEYCIQChA4fUvge2mqn/xO5dD+tI0wtfjd0e
jeeei+sw9onrqgIhANkpk9eBJ++DnOtr9twC1NAJQiSxKt2bF3uMi3y/paLjAHYA
UaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN/tSLBeUAAAF8venptAAABAMARzBF
AiEAjcxB3VBZVDN7VFfAzTg+ipzV4vo0ybbRW6ruPyLC0DcCIA569ObUG0dIwCZe
ityioeKfkTu3IIiWl8XEtzTp+pOfAHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tL
x2jwkGKWBvYAAAF8venpLgAABAMARzBFAiEA8t1Y5M5YjTl6cfDNC8tZf0Id/xIc
8w74HFa8aa2BUakCICa43KvnsmTY3F1Rv59tS/mQeDvcSxjsKQ6iL/riDDC6MA0G
CSqGSIb3DQEBCwUAA4IBAQBNvTw7QVe5jwLU4W+EH3ecAkNu0sIvWmdYmaU1i48x
hFtd3VG2J99VRRdZBqPtdFH4UD/cO8u9gVIozmmmwQdt5xqIC94GV4sI9XUADUbG
Cw6AU0Hs9ZS6ItPMk1tigrVf6fX/viJEVB6UDELWt+/WYgEWlHhdetcUfxhYa9CD
8+FPty5Es++1UzTzPj91ZWpd0wzuZxBEJXEbCGcEVFN6o7ZDBsHouB2dTfVEkC+L
4gEpZao8bDiyFKZy1zCudt97VFKAfXrjURLrkXd2U8EmeU5RLBFOSS/kCkxdW2X5
7AAxb317C11WFwqjiUOZpZO/ulrO9WUT5Xm9ja8K/0Sm
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8AgYq/PStzld2EFJgU+
IHjQOSjsq0ttnUssMAF/nOLjHN2GpEbl7EGM5c0fmUsGHswS/8dpbqk20XJUwyko
ZJBh8k0iFxuL2TDrNH4rcr5FslxMFf3t8tfwsHq3pm6MXGPYjthfYuu1b5e+GXaA
QVGEzvs2knOZDDKEJqzsKEbM8WAcO5RCGo1AvYHNtXaEjjzGOFTrW42H5C7IP2Du
Rwg5FDxHThY6FMmTEA1zQqV5/BF+O2gxmxUiTb+wFP6k/gGzDU6j5dcbzUZOG2nq
JNwGwOVDjsoCP/yoILpTgZj1WPQZ85YJzqbJGKxketUapPqE8NnEkQO7JoLLzBr2
hQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19254801280420544317474944028174601998
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bronx'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Montefiore Medical Center'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dev.einsteinmed.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22691397700003963262260359667284869148060232441180058582716256833964799205622739663070071960377119840202016912164327783455425296991731631055888374777918142227970772563546737834005769422590783852331025042791546048799388214792432468250299985887974006343050516451017463764595483550940472885113820092748111614031431172537947158251909275223827770851154692104918031570195673927284085892587922162088098684267666602404414434314248979038283880723882579523931022186865575280009369051619954480990204802048785845402986134217607574032197337438245455660376716585677406196112464010728936286015447048546927423413969068571529800513157
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ce81d8d5537821cab19bb635cfb1ff9c655019b4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.einsteinmed.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dev.einsteinmed.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017cbde9e9b10000040300483046022100a10387d4be07b69aa9ffc4ee5d0feb48d30b5f8ddd1e8de79e8beb30f689ebaa022100d92993d78127ef839ceb6bf6dc02d4d0094224b12add9b177b8c8b7cbfa5a2e300760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017cbde9e9b400000403004730450221008dcc41dd505954337b5457c0cd383e8a9cd5e2fa34c9b6d15baaee3f22c2d03702200e7af4e6d41b4748c0265e8adca2a1e29f913bb720889697c5c4b734e9fa939f00760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017cbde9e92e0000040300473045022100f2dd58e4ce588d397a71f0cd0bcb597f421dff121cf30ef81c56bc69ad8151a9022026b8dcabe7b264d8dc5d51bf9f6d4bf990783bdc4b18ec290ea22ffae20c30ba
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004dbd3c3b4157b98f02d4e16f841f779c02436ed2c22f5a675899a5358b8f31845b5ddd51b627df5545175906a3ed7451f8503fdc3bcbbd815228ce69a6c1076de71a880bde06578b08f575000d46c60b0e805341ecf594ba22d3cc935b6282b55fe9f5ffbe2244541e940c42d6b7efd662011694785d7ad7147f18586bd083f3e14fb72e44b3efb55334f33e3f75656a5dd30cee67104425711b08670454537aa3b64306c1e8b81d9d4df544902f8be2012965aa3c6c38b214a672d730ae76df7b5452807d7ae35112eb91777653c126794e512c114e492fe40a4c5d5b65f9ec00316f7d7b0b5d56170aa3894399a593bfba5acef56513e579bd8daf0aff44a6