g.ssl.fastly.net
- Fastly, Inc. -
Issued by GlobalSign Organization Validation CA - SHA256 - G2
About this certificate
This digital certificate with serial number 44:5d:e2:ec:43:92:6e:54:24:e2:d7:2a was issued on by GlobalSign nv-sa.
With 53 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Fastly, Inc.
Organization:
Fastly, Inc.
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 44:5d:e2:ec:43:92:6e:54:24:e2:d7:2aSerial Number (int): 21158482382201430576621344554
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: b3:57:b7:fa:1a:7f:6e:4f:23:9d:70:c6:a6:ab:4c:1e:47:0e:8b:00
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c
Fingerprint (sha1): 68:8e:ff:c7:8d:06:0c:94:9f:17:00:ad:bd:e0:5a:71:41:96:eb:1f
Fingerprint (sha256): 1e:1a:63:a5:16:a0:8f:eb:62:c4:55:73:8f:5e:e4:fe:15:ea:6a:d7:05:d2:ea:5b:36:82:e7:cf:08:ce:f7:52
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
Check the revocation status for certificate g.ssl.fastly.net
53
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for g.ssl.fastly.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
g.ssl.fastly.net
*.api.iheart.com
*.docs.secretcdn-stg.net
*.statuspage.io
alienwarearena.com
*.alienwarearena.com
api.garage.me
avvo.com
*.avvo.com
cdn.briteverify.com
cdn.listenloop.com
cdn.wistia.com
chef.io
*.chef.io
client.appletv.cnn.com
depop.com
*.depop.com
dev.client.appletv.cnn.com
docs.secretcdn-stg.net
dosomething.org
*.dosomething.org
fastly.cedexis-test.com
frontgatetickets.com
*.frontgatetickets.com
gazelle.com
*.gazelle.com
getchef.com
*.getchef.com
hdmtools.com
*.hdmtools.com
ibmserviceengage.com
iheart.com
*.iheart.com
opensesame.com
*.opensesame.com
opscode.com
*.opscode.com
pentos-cdn.polarmobile.com
pentos-cdn.staging.polarmobile.com
playboy.com
*.playboy.com
rubytogether.org
*.rubytogether.org
status.authorize.net
statuspage.io
tag.marinsm.com
tripping.com
*.tripping.com
wohlers.org
*.wohlers.org
www.rackspacestatus.com
www.teachingenglish.org.uk
www.thetelecomshop.com
*.api.iheart.com
*.docs.secretcdn-stg.net
*.statuspage.io
alienwarearena.com
*.alienwarearena.com
api.garage.me
avvo.com
*.avvo.com
cdn.briteverify.com
cdn.listenloop.com
cdn.wistia.com
chef.io
*.chef.io
client.appletv.cnn.com
depop.com
*.depop.com
dev.client.appletv.cnn.com
docs.secretcdn-stg.net
dosomething.org
*.dosomething.org
fastly.cedexis-test.com
frontgatetickets.com
*.frontgatetickets.com
gazelle.com
*.gazelle.com
getchef.com
*.getchef.com
hdmtools.com
*.hdmtools.com
ibmserviceengage.com
iheart.com
*.iheart.com
opensesame.com
*.opensesame.com
opscode.com
*.opscode.com
pentos-cdn.polarmobile.com
pentos-cdn.staging.polarmobile.com
playboy.com
*.playboy.com
rubytogether.org
*.rubytogether.org
status.authorize.net
statuspage.io
tag.marinsm.com
tripping.com
*.tripping.com
wohlers.org
*.wohlers.org
www.rackspacestatus.com
www.teachingenglish.org.uk
www.thetelecomshop.com
Other certificates including the domain name fastly.net
(limited to 100 certificates)
f4.shared.global.fastly.net
f6.shared.global.fastly.net
h2.shared.global.fastly.net
y2.shared.global.fastly.net
g3.shared.global.fastly.net
i3.shared.global.fastly.net
e2.shared.global.fastly.net
m2.shared.global.fastly.net
u.sni-741-default.ssl.fastly.net
u2.shared.global.fastly.net
i2.shared.global.fastly.net
n2.shared.global.fastly.net
e.ssl.fastly.net
w2.shared.global.fastly.net
*.a.heroku.ssl.fastly.net
o2.shared.global.fastly.net
k3.shared.global.fastly.net
o.ssl.fastly.net
b3.shared.global.fastly.net
*.a.heroku.ssl.fastly.net
o.ssl.fastly.net
v2.shared.global.fastly.net
c3.shared.global.fastly.net
w2.shared.global.fastly.net
customer-test.ssl.fastly.net
prospective.shared.global.fastly.net
j3.shared.global.fastly.net
k2.shared.global.fastly.net
p2.shared.global.fastly.net
a2.ssl.fastly.net
l3.shared.global.fastly.net
o2.shared.global.fastly.net
h2.shared.global.fastly.net
v.ssl.fastly.net
a3.shared.global.fastly.net
customer-test.ssl.fastly.net
w2.shared.global.fastly.net
g3.shared.global.fastly.net
k3.shared.global.fastly.net
t2.shared.global.fastly.net
prospective.shared.global.fastly.net
i3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
t2.shared.global.fastly.net
p2.shared.global.fastly.net
w2.shared.global.fastly.net
n2.shared.global.fastly.net
t2.shared.global.fastly.net
o2.shared.global.fastly.net
v.ssl.fastly.net
e2.shared.global.fastly.net
w2.shared.global.fastly.net
b3.shared.global.fastly.net
t.ssl.fastly.net
f.ssl.fastly.net
l3.shared.global.fastly.net
c3.shared.global.fastly.net
r.ssl.fastly.net
g3.shared.global.fastly.net
n2.shared.global.fastly.net
l3.shared.global.fastly.net
v2.shared.global.fastly.net
d2.shared.global.fastly.net
j3.shared.global.fastly.net
l3.shared.global.fastly.net
g2.shared.global.fastly.net
e2.shared.global.fastly.net
n2.shared.global.fastly.net
e2.shared.global.fastly.net
k2.shared.global.fastly.net
h2.shared.global.fastly.net
t2.shared.global.fastly.net
p.ssl.fastly.net
a2.ssl.fastly.net
j3.shared.global.fastly.net
k.ssl.fastly.net
i2.shared.global.fastly.net
customer-test.ssl.fastly.net
n2.shared.global.fastly.net
prospective2.shared.global.fastly.net
w2.shared.global.fastly.net
h2.shared.global.fastly.net
u2.shared.global.fastly.net
w2.shared.global.fastly.net
d2.shared.global.fastly.net
b3.shared.global.fastly.net
n.ssl.fastly.net
l.ssl.fastly.net
prospective.shared.global.fastly.net
g2.shared.global.fastly.net
v.ssl.fastly.net
d3.shared.global.fastly.net
a3.shared.global.fastly.net
z.ssl.fastly.net
l2.shared.global.fastly.net
e2.shared.global.fastly.net
h3.shared.global.fastly.net
b2.shared.global.fastly.net
v2.shared.global.fastly.net
c3.shared.global.fastly.net
f6.shared.global.fastly.net
h2.shared.global.fastly.net
y2.shared.global.fastly.net
g3.shared.global.fastly.net
i3.shared.global.fastly.net
e2.shared.global.fastly.net
m2.shared.global.fastly.net
u.sni-741-default.ssl.fastly.net
u2.shared.global.fastly.net
i2.shared.global.fastly.net
n2.shared.global.fastly.net
e.ssl.fastly.net
w2.shared.global.fastly.net
*.a.heroku.ssl.fastly.net
o2.shared.global.fastly.net
k3.shared.global.fastly.net
o.ssl.fastly.net
b3.shared.global.fastly.net
*.a.heroku.ssl.fastly.net
o.ssl.fastly.net
v2.shared.global.fastly.net
c3.shared.global.fastly.net
w2.shared.global.fastly.net
customer-test.ssl.fastly.net
prospective.shared.global.fastly.net
j3.shared.global.fastly.net
k2.shared.global.fastly.net
p2.shared.global.fastly.net
a2.ssl.fastly.net
l3.shared.global.fastly.net
o2.shared.global.fastly.net
h2.shared.global.fastly.net
v.ssl.fastly.net
a3.shared.global.fastly.net
customer-test.ssl.fastly.net
w2.shared.global.fastly.net
g3.shared.global.fastly.net
k3.shared.global.fastly.net
t2.shared.global.fastly.net
prospective.shared.global.fastly.net
i3.shared.global.fastly.net
dns-vetting1j.map.fastly.net
t2.shared.global.fastly.net
p2.shared.global.fastly.net
w2.shared.global.fastly.net
n2.shared.global.fastly.net
t2.shared.global.fastly.net
o2.shared.global.fastly.net
v.ssl.fastly.net
e2.shared.global.fastly.net
w2.shared.global.fastly.net
b3.shared.global.fastly.net
t.ssl.fastly.net
f.ssl.fastly.net
l3.shared.global.fastly.net
c3.shared.global.fastly.net
r.ssl.fastly.net
g3.shared.global.fastly.net
n2.shared.global.fastly.net
l3.shared.global.fastly.net
v2.shared.global.fastly.net
d2.shared.global.fastly.net
j3.shared.global.fastly.net
l3.shared.global.fastly.net
g2.shared.global.fastly.net
e2.shared.global.fastly.net
n2.shared.global.fastly.net
e2.shared.global.fastly.net
k2.shared.global.fastly.net
h2.shared.global.fastly.net
t2.shared.global.fastly.net
p.ssl.fastly.net
a2.ssl.fastly.net
j3.shared.global.fastly.net
k.ssl.fastly.net
i2.shared.global.fastly.net
customer-test.ssl.fastly.net
n2.shared.global.fastly.net
prospective2.shared.global.fastly.net
w2.shared.global.fastly.net
h2.shared.global.fastly.net
u2.shared.global.fastly.net
w2.shared.global.fastly.net
d2.shared.global.fastly.net
b3.shared.global.fastly.net
n.ssl.fastly.net
l.ssl.fastly.net
prospective.shared.global.fastly.net
g2.shared.global.fastly.net
v.ssl.fastly.net
d3.shared.global.fastly.net
a3.shared.global.fastly.net
z.ssl.fastly.net
l2.shared.global.fastly.net
e2.shared.global.fastly.net
h3.shared.global.fastly.net
b2.shared.global.fastly.net
v2.shared.global.fastly.net
c3.shared.global.fastly.net
Certificate
The complete raw certificate details for g.ssl.fastly.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIK5TCCCc2gAwIBAgIMRF3i7EOSblQk4tcqMA0GCSqGSIb3DQEBCwUAMGYxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g RzIwHhcNMTcxMjE5MjE1NDA5WhcNMTgxMjE5MjAwMjAwWjBsMQswCQYDVQQGEwJV UzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEV MBMGA1UECgwMRmFzdGx5LCBJbmMuMRkwFwYDVQQDDBBnLnNzbC5mYXN0bHkubmV0 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm1YCVR6VALnnhK9KkVt UyXEVZiNnYYWSi9Edgfw0dFlaOI4tLEosIVg7u+UYNi5fu8ZUcl8fIKQWCvNfJn1 DAnnGSeau1IMoetSOloWX040cxaHEFgA0ZO/sk8ddei/tE9AVLyIrFqNugq6Yz3B cwHxmBzshxwkKkxMnCPPqSQUfJrEMIOWbtQSHIjfhUWcJuBGqZs84eg8XlD5Vd8e 7OqSbD3iwcKgVa0I3D38Db2gPId5tjAVaoD7uOpYV7JXfLgnKDEcHRIW+xkkC40m Cg0QSvOV1ejOG3MM1ji829GBNGusL0prlfYSyZRDvyLICzdhp3ILoc96GHtHEdea XQIDAQABo4IHizCCB4cwDgYDVR0PAQH/BAQDAgWgMIGgBggrBgEFBQcBAQSBkzCB kDBNBggrBgEFBQcwAoZBaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNl cnQvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzJyMS5jcnQwPwYIKwYBBQUHMAGGM2h0 dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc29yZ2FuaXphdGlvbnZhbHNoYTJn MjBWBgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczov L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgIwCQYDVR0T BAIwADBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29t L2dzL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyLmNybDCCA8oGA1UdEQSCA8EwggO9 ghBnLnNzbC5mYXN0bHkubmV0ghAqLmFwaS5paGVhcnQuY29tghgqLmRvY3Muc2Vj cmV0Y2RuLXN0Zy5uZXSCDyouc3RhdHVzcGFnZS5pb4ISYWxpZW53YXJlYXJlbmEu Y29tghQqLmFsaWVud2FyZWFyZW5hLmNvbYINYXBpLmdhcmFnZS5tZYIIYXZ2by5j b22CCiouYXZ2by5jb22CE2Nkbi5icml0ZXZlcmlmeS5jb22CEmNkbi5saXN0ZW5s b29wLmNvbYIOY2RuLndpc3RpYS5jb22CB2NoZWYuaW+CCSouY2hlZi5pb4IWY2xp ZW50LmFwcGxldHYuY25uLmNvbYIJZGVwb3AuY29tggsqLmRlcG9wLmNvbYIaZGV2 LmNsaWVudC5hcHBsZXR2LmNubi5jb22CFmRvY3Muc2VjcmV0Y2RuLXN0Zy5uZXSC D2Rvc29tZXRoaW5nLm9yZ4IRKi5kb3NvbWV0aGluZy5vcmeCF2Zhc3RseS5jZWRl eGlzLXRlc3QuY29tghRmcm9udGdhdGV0aWNrZXRzLmNvbYIWKi5mcm9udGdhdGV0 aWNrZXRzLmNvbYILZ2F6ZWxsZS5jb22CDSouZ2F6ZWxsZS5jb22CC2dldGNoZWYu Y29tgg0qLmdldGNoZWYuY29tggxoZG10b29scy5jb22CDiouaGRtdG9vbHMuY29t ghRpYm1zZXJ2aWNlZW5nYWdlLmNvbYIKaWhlYXJ0LmNvbYIMKi5paGVhcnQuY29t gg5vcGVuc2VzYW1lLmNvbYIQKi5vcGVuc2VzYW1lLmNvbYILb3BzY29kZS5jb22C DSoub3BzY29kZS5jb22CGnBlbnRvcy1jZG4ucG9sYXJtb2JpbGUuY29tgiJwZW50 b3MtY2RuLnN0YWdpbmcucG9sYXJtb2JpbGUuY29tggtwbGF5Ym95LmNvbYINKi5w bGF5Ym95LmNvbYIQcnVieXRvZ2V0aGVyLm9yZ4ISKi5ydWJ5dG9nZXRoZXIub3Jn ghRzdGF0dXMuYXV0aG9yaXplLm5ldIINc3RhdHVzcGFnZS5pb4IPdGFnLm1hcmlu c20uY29tggx0cmlwcGluZy5jb22CDioudHJpcHBpbmcuY29tggt3b2hsZXJzLm9y Z4INKi53b2hsZXJzLm9yZ4IXd3d3LnJhY2tzcGFjZXN0YXR1cy5jb22CGnd3dy50 ZWFjaGluZ2VuZ2xpc2gub3JnLnVrghZ3d3cudGhldGVsZWNvbXNob3AuY29tMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUs1e3+hp/bk8j nXDGpqtMHkcOiwAwHwYDVR0jBBgwFoAUlt5h8b0cFilTHMDMfTuDAEDmGnwwggH1 BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyI jT0RxM227L7MAAABYHDFDuQAAAQDAEcwRQIhAOEcP0eERwGRDu6jd5xjvuf2LW8C 8BkCuf+nENP1dCasAiAKL5uPgHcHfDZ8SxBaD2H5mBwO8WTjWf9yljZvPwxEHQB2 AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABYHDFDxEAAAQDAEcw RQIgblUbcHYeplKZ5jTLblXaqkMYZWn6NWveJ0z1DpZFWDECIQDM+oiGKmCw/Zj5 o7lYAWM8ll8eRdKxI2J4nXmAlHjRwQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+Rvf uON3zQ7IDdwQAAABYHDFEYgAAAQDAEcwRQIgTiTcV9mZwCL+YMDDWa0RZbQOK4x7 /t4nLoxk2WF74QMCIQDMDNJpiXCWXqmyW5ejWK6VOULUm8Ag5YBkkM6B5wPCdwB1 AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABYHDFFIgAAAQDAEYw RAIgQJX1XolCk6V8T6MkX31KhX7BH5G5oG7aXGT8yxeMiuECIGosQM24/xITTIOO /YTFFkciOTHIbUhrpnhPauBxWi0UMA0GCSqGSIb3DQEBCwUAA4IBAQBUuq7vIVJq 8XOObJb9cklXEIY69ziLPMxbP/7Erq3X+x/HoE0oe8thi5Y0kj1syV89ij3jy8O3 sHXxW6auopKd45zidNXZIVE09Ck8vz1rnxYedWvquw9CWTRAU+D+UVGQa+dn50Ij 6N5UMTnNr2mkXYwC0LsHM3HctrsKYwWT6K/pnsVKCw8LwvEupbCvfWvGsnR/JuQe sLdFqsOXsvN0Nzx9QARLjpl+/RPTni4zYqnjP37+9z2fzDP+wR6SLuDdxjjuCByo iKfIqsyuqQcYzWJnC4E2E8WlK4i79gYwqreyvhkijocR7sNIYuGiR12Csmdtc6gn 4OplUwIQrRVt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm1YCVR6VALnnhK9KkVt UyXEVZiNnYYWSi9Edgfw0dFlaOI4tLEosIVg7u+UYNi5fu8ZUcl8fIKQWCvNfJn1 DAnnGSeau1IMoetSOloWX040cxaHEFgA0ZO/sk8ddei/tE9AVLyIrFqNugq6Yz3B cwHxmBzshxwkKkxMnCPPqSQUfJrEMIOWbtQSHIjfhUWcJuBGqZs84eg8XlD5Vd8e 7OqSbD3iwcKgVa0I3D38Db2gPId5tjAVaoD7uOpYV7JXfLgnKDEcHRIW+xkkC40m Cg0QSvOV1ejOG3MM1ji829GBNGusL0prlfYSyZRDvyLICzdhp3ILoc96GHtHEdea XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 21158482382201430576621344554 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-19 21:54:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-19 20:02:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Fastly, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'g.ssl.fastly.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26059010305939598323585374452153629599536302641272884367045869736269822215694091627486277785951135425936951303777257854078836090157537424064179052251015827819628071723110340733048151948739885052340595268703285856412755808553499688684928872234491680229946691510531331672751040190288728022811485410420981306003395214762699336476004281603055326882110316808727328027409192706831492388267396175623183009956041239255604961323032390722366787747927911746937434845200552693001121641641609156202853242750292014199689691022100330865687987576459906563265267167330940022236527521083761500736765250951548366374261963538484853971549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (961 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'g.ssl.fastly.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.iheart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.docs.secretcdn-stg.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.statuspage.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alienwarearena.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.alienwarearena.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.garage.me' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avvo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avvo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.briteverify.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.listenloop.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.wistia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chef.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.chef.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.appletv.cnn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'depop.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.depop.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.client.appletv.cnn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docs.secretcdn-stg.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dosomething.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dosomething.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fastly.cedexis-test.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'frontgatetickets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.frontgatetickets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gazelle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gazelle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'getchef.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.getchef.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hdmtools.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hdmtools.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ibmserviceengage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iheart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.iheart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opensesame.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.opensesame.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opscode.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.opscode.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pentos-cdn.polarmobile.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pentos-cdn.staging.polarmobile.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'playboy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.playboy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rubytogether.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rubytogether.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'status.authorize.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'statuspage.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tag.marinsm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripping.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tripping.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wohlers.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wohlers.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rackspacestatus.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.teachingenglish.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thetelecomshop.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b357b7fa1a7f6e4f239d70c6a6ab4c1e470e8b00 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000016070c50ee40000040300473045022100e11c3f47844701910eeea3779c63bee7f62d6f02f01902b9ffa710d3f57426ac02200a2f9b8f8077077c367c4b105a0f61f9981c0ef164e359ff7296366f3f0c441d0076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000016070c50f11000004030047304502206e551b70761ea65299e634cb6e55daaa43186569fa356bde274cf50e96455831022100ccfa88862a60b0fd98f9a3b95801633c965f1e45d2b12362789d79809478d1c1007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016070c51188000004030047304502204e24dc57d999c022fe60c0c359ad1165b40e2b8c7bfede272e8c64d9617be103022100cc0cd2698970965ea9b25b97a358ae953942d49bc020e5806490ce81e703c277007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016070c51488000004030046304402204095f55e894293a57c4fa3245f7d4a857ec11f91b9a06eda5c64fccb178c8ae102206a2c40cdb8ff12134c838efd84c51647223931c86d486ba6784f6ae0715a2d14 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0054baaeef21526af1738e6c96fd72495710863af7388b3ccc5b3ffec4aeadd7fb1fc7a04d287bcb618b9634923d6cc95f3d8a3de3cbc3b7b075f15ba6aea2929de39ce274d5d9215134f4293cbf3d6b9f161e756beabb0f4259344053e0fe5151906be767e74223e8de543139cdaf69a45d8c02d0bb073371dcb6bb0a630593e8afe99ec54a0b0f0bc2f12ea5b0af7d6bc6b2747f26e41eb0b745aac397b2f374373c7d40044b8e997efd13d39e2e3362a9e33f7efef73d9fcc33fec11e922ee0ddc638ee081ca888a7c8aaccaea90718cd62670b813613c5a52b88bbf60630aab7b2be19228e8711eec34862e1a2475d82b2676d73a827e0ea65530210ad156d