iii.slcl.org

- St. Louis County Library -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0f:51:b4:4a:df:88:9c:cb:8c:23:19:0a:89:6d:b6:72 was issued on by DigiCert Inc.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

St. Louis County Library

Organization: St. Louis County Library
State / Province: Missouri
Locality: St. Louis
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:51:b4:4a:df:88:9c:cb:8c:23:19:0a:89:6d:b6:72
Serial Number (int): 20362652748108054033291225377975154290
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 5f:a2:fc:eb:a7:cf:8c:2c:f2:39:00:f6:1b:47:31:18:39:23:8d:8f
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 33:e5:15:58:78:b0:56:38:24:fe:f9:cf:8a:d5:5c:81:c4:69:12:59
Fingerprint (sha256): 1d:63:0a:c6:3a:01:d7:b3:56:21:77:6b:d2:47:e0:e5:9d:cd:df:9c:c7:8c:9b:0a:49:83:43:f5:51:ac:c1:91

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g5.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g5.crl

Check the revocation status for certificate iii.slcl.org

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for iii.slcl.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

iii.slcl.org
webpac.slcl.org
0-slcl.optimalresume.com.iii.slcl.org
encore.slcl.org
0-library.morningstar.com.iii.slcl.org
0-awrd.morningstar.com.iii.slcl.org
mobile-prnt.slcl.org
overdrive.slcl.org
0-jump.valueline.com.iii.slcl.org
0-global.factiva.com.iii.slcl.org
0-research.valueline.com.iii.slcl.org
0-viewer.factiva.com.iii.slcl.org

Other certificates including the domain name slcl.org

(limited to 100 certificates)
www.slcl.org
iii.slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
slcl.org
slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
mobile-prnt.slcl.org
slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
iii.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
slcl.org
iii.slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
slcl.org
www.slcl.org
www.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
slcl.org
www.slcl.org
iii.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
iii.slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
iii.slcl.org
iii.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
iii.slcl.org
www.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
slcl.org
iii.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
www.slcl.org
5767790501822464-fe1.pantheonsite.io
iii.slcl.org
www.slcl.org
www.slcl.org
5767790501822464-fe1.pantheonsite.io
www.slcl.org
slcl.org
iii.slcl.org
iii.slcl.org
slcl.org
iii.slcl.org
www.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
mobile-prnt.slcl.org
5767790501822464-fe1.pantheonsite.io
www.slcl.org
5767790501822464-fe1.pantheonsite.io
foundation.slcl.org
iii.slcl.org
www.slcl.org
iii.slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
*.iii.slcl.org
iii.slcl.org
slcl.org
slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
iii.slcl.org
iii.slcl.org
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
5767790501822464-fe1.pantheonsite.io
slcl.org
slcl.org
iii.slcl.org
slcl.org

Certificate

The complete raw certificate details for iii.slcl.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgIQD1G0St+InMuMIxkKiW22cjANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTQxMjAzMDAwMDAwWhcN
MTgwMzIxMTIwMDAwWjBuMQswCQYDVQQGEwJVUzERMA8GA1UECBMITWlzc291cmkx
EjAQBgNVBAcTCVN0LiBMb3VpczEhMB8GA1UEChMYU3QuIExvdWlzIENvdW50eSBM
aWJyYXJ5MRUwEwYDVQQDEwxpaWkuc2xjbC5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDv7ReUvB0dhYqGdJ8JeWWRbJFaPgx5Hqy0NxUNHu/2Twql
7ZWAag0XNcMacWW4UoDegLn9Lj9lf8zj+7QlVoDo61gKvjZQA0tSsq9B1HgWRnni
uIWE+Le56jaGLm0yF711en1J7VGdYNzZI8hJjtT68X/olDHXJ2cnKvO2M7rq3gZj
WwzYQo9+hg7ZN38yeDKdsXWSr/ps6tM6KNToGUlcO5yDEJKEH+jSJUOSHG7T9ppR
y+Sywn2iHwiPF2zphqvm2g4bO6Gc31RGVfJoTMOhlUlRXDcDtUpxYyGQBTXZDlLP
fhXz221WA3ciBwN2qCFwbktCj6+fiL2cpk6HSfVZAgMBAAGjggMpMIIDJTAfBgNV
HSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUX6L866fPjCzy
OQD2G0cxGDkjjY8wggFrBgNVHREEggFiMIIBXoIMaWlpLnNsY2wub3Jngg93ZWJw
YWMuc2xjbC5vcmeCJTAtc2xjbC5vcHRpbWFscmVzdW1lLmNvbS5paWkuc2xjbC5v
cmeCD2VuY29yZS5zbGNsLm9yZ4ImMC1saWJyYXJ5Lm1vcm5pbmdzdGFyLmNvbS5p
aWkuc2xjbC5vcmeCIzAtYXdyZC5tb3JuaW5nc3Rhci5jb20uaWlpLnNsY2wub3Jn
ghRtb2JpbGUtcHJudC5zbGNsLm9yZ4ISb3ZlcmRyaXZlLnNsY2wub3JngiEwLWp1
bXAudmFsdWVsaW5lLmNvbS5paWkuc2xjbC5vcmeCITAtZ2xvYmFsLmZhY3RpdmEu
Y29tLmlpaS5zbGNsLm9yZ4IlMC1yZXNlYXJjaC52YWx1ZWxpbmUuY29tLmlpaS5z
bGNsLm9yZ4IhMC12aWV3ZXIuZmFjdGl2YS5jb20uaWlpLnNsY2wub3JnMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0f
BGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1n
NS5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTIt
ZzUuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0
dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEB
BHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsG
AQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEy
U2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQAD
ggEBAIoHWpp27oDnScxdbt6dzj8tFhUA5EDIE4TQszr/A+hX3xbKov1kK5X6X1rZ
zHpRdhICMKZJIKt4aSAv6ujtbEcL0LMJiybCWyGJ0RzteiW8jLUWJiBgPY+ZKzP6
B+D8mQxx02lA8Tmxydk7D9nn/hmx9fN0szDMo4C46lK16jz3NU0SFgfkX58Mwzud
XPmlms6Ln7BKccg0cnPLOzCDYm0UyhEHxXeb6r2YViH8yPmQnU0qnkn+rXu3+Ftu
VN6oeJpNlHrl5FBk6gjxIZQX1CSd7HHOlRk/rcztLCFGMd9IDopTkwWRAvuE9Psz
NDCeujSLfzTSSMIC9T/2HDX/rOs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+0XlLwdHYWKhnSfCXll
kWyRWj4MeR6stDcVDR7v9k8Kpe2VgGoNFzXDGnFluFKA3oC5/S4/ZX/M4/u0JVaA
6OtYCr42UANLUrKvQdR4FkZ54riFhPi3ueo2hi5tMhe9dXp9Se1RnWDc2SPISY7U
+vF/6JQx1ydnJyrztjO66t4GY1sM2EKPfoYO2Td/MngynbF1kq/6bOrTOijU6BlJ
XDucgxCShB/o0iVDkhxu0/aaUcvkssJ9oh8Ijxds6Yar5toOGzuhnN9URlXyaEzD
oZVJUVw3A7VKcWMhkAU12Q5Sz34V89ttVgN3IgcDdqghcG5LQo+vn4i9nKZOh0n1
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20362652748108054033291225377975154290
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-12-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-21 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Missouri'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St. Louis'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St. Louis County Library'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iii.slcl.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30287869365400398890304233836870219357995576898380718877597960624955601700309145239756172398533037165994799955753811502360943556093689416420882908684295776991165673662947367938764710983522495735864736736363144120573619715600963652452802592881220197236685791344069261144771657426971091504572946180345660838707451384095960009210244817036991475780213449737706696070700772387249238190158367308159110769920967728249929665207421341312440398497989095178414369861998963865584651632120272788570446045676154871666676700560643690918972825752601742743865625338342177859228489723605625330232995331609683303628788123695918728475993
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5fa2fceba7cf8c2cf23900f61b47311839238d8f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (354 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webpac.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-slcl.optimalresume.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'encore.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-library.morningstar.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-awrd.morningstar.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile-prnt.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'overdrive.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-jump.valueline.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-global.factiva.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-research.valueline.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-viewer.factiva.com.iii.slcl.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008a075a9a76ee80e749cc5d6ede9dce3f2d161500e440c81384d0b33aff03e857df16caa2fd642b95fa5f5ad9cc7a5176120230a64920ab7869202feae8ed6c470bd0b3098b26c25b2189d11ced7a25bc8cb5162620603d8f992b33fa07e0fc990c71d36940f139b1c9d93b0fd9e7fe19b1f5f374b330cca380b8ea52b5ea3cf7354d121607e45f9f0cc33b9d5cf9a59ace8b9fb04a71c8347273cb3b3083626d14ca1107c5779beabd985621fcc8f9909d4d2a9e49fead7bb7f85b6e54dea8789a4d947ae5e45064ea08f1219417d4249dec71ce95193fadcced2c214631df480e8a5393059102fb84f4fb3334309eba348b7f34d248c202f53ff61c35ffaceb