roche.net
- Cloudflare, Inc. -
Issued by Cloudflare Inc RSA CA-2
About this certificate
This digital certificate with serial number 09:04:4a:e5:d9:10:b5:13:f2:b4:57:a3:f2:a3:c0:98 was issued on by Cloudflare, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Cloudflare, Inc.
Organization:
Cloudflare, Inc.
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
Cloudflare, Inc.
Organization:
Cloudflare, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:04:4a:e5:d9:10:b5:13:f2:b4:57:a3:f2:a3:c0:98Serial Number (int): 11985340258236713217449016946986303640
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: a9:b8:4d:dd:cd:28:cb:01:a7:91:a2:e8:9e:78:16:a7:06:6c:2a:a7
AuthorityKeyId: 18:a9:1a:fc:b2:45:49:c1:6f:30:34:08:2b:d9:87:9c:b0:25:57:7a
Fingerprint (sha1): 64:ad:17:2c:cd:ef:b7:cc:56:7f:a3:67:4a:cb:e9:5e:93:4a:c4:72
Fingerprint (sha256): 1e:b9:bf:ca:a4:e7:3f:ca:45:a0:d4:e7:61:95:ff:91:56:ac:15:b4:86:00:a9:a5:b1:b5:d3:2a:87:67:42:f1
Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncRSACA-2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/CloudflareIncRSACA-2.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncRSACA-2.crl
Check the revocation status for certificate roche.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for roche.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
roche.net
*.roche.net
*.roche.net
Other certificates including the domain name roche.net
(limited to 100 certificates)
coaguchek.com
partneraccess.roche.net
sentry-ppe.roche.net
edi2.roche.net
mdm.roche.net
sni.cloudflaressl.com
*.edidev2.roche.net
sg3vk030.roche.net
range.roche.net
sentryasiagmail.roche.net
sentrygmailtest.roche.net
vpn.range.roche.net
*.edidev2.roche.net
remoteaccess.roche.net
*.edi2.roche.net
rosa.roche.net
rkavoglh.roche.net
sni.cloudflaressl.com
se2vk030.roche.net
mdm-test.roche.net
partneraccess.roche.net
remoteaccess.roche.net
esrv-hub-uat.roche.net
*.editest2.roche.net
sni.cloudflaressl.com
editest3.roche.net
se2vk030.roche.net
se3vk030.roche.net
*.edi2.roche.net
sni.cloudflaressl.com
api-home.roche.net
sni.cloudflaressl.com
sni.cloudflaressl.com
sentryasiagmail.roche.net
sni.cloudflaressl.com
sni.cloudflaressl.com
rkavoglh.roche.net
*.rosa.roche.net
prod.rosa.roche.net
sentryemeao365.roche.net
cat.navify.esrv-hub-dev.roche.net
sni.cloudflaressl.com
ridusaxprod.dia.roche.net
aauthctx.roche.net
api-home.roche.net
sni.cloudflaressl.com
api-uat-home.roche.com
roche.net
edidev2.roche.net
*.edi2.roche.net
mb2vk030.roche.net
sentrynalao365.roche.net
roche.net
vpn.range.roche.net
roche.net
api-home.roche.net
roche.net
*.range.roche.net
mdm-dev.roche.net
range.roche.net
home.roche.net
sni.cloudflaressl.com
zh5vk030.roche.net
smartwebpoc.roche.net
roche.net
edi2.roche.net
cat.navify.esrv-hub-dev.roche.net
api-uat-home.roche.net
api-home.roche.net
*.edi2.roche.net
roche.net
api-home.roche.net
*.range.roche.net
sni.cloudflaressl.com
vpn.range.roche.net
remoteaccess.roche.net
sni.cloudflaressl.com
partneraccess.roche.net
esrv-hub-dev.roche.net
sni.cloudflaressl.com
roche.net
*.edidev2.roche.net
businesspartners.roche.net
sni.cloudflaressl.com
mdm-test.roche.net
range.roche.net
*.rosa.roche.net
esrv-hub-uat.roche.net
mb2vk030.roche.net
se2vk030.roche.net
range.roche.net
sni.cloudflaressl.com
uat-home.roche.net
sentry-ppe.roche.net
fr4vk030.roche.net
sni.cloudflaressl.com
sni.cloudflaressl.com
mdm.roche.net
edidev.roche.net
sni.cloudflaressl.com
partneraccess.roche.net
sentry-ppe.roche.net
edi2.roche.net
mdm.roche.net
sni.cloudflaressl.com
*.edidev2.roche.net
sg3vk030.roche.net
range.roche.net
sentryasiagmail.roche.net
sentrygmailtest.roche.net
vpn.range.roche.net
*.edidev2.roche.net
remoteaccess.roche.net
*.edi2.roche.net
rosa.roche.net
rkavoglh.roche.net
sni.cloudflaressl.com
se2vk030.roche.net
mdm-test.roche.net
partneraccess.roche.net
remoteaccess.roche.net
esrv-hub-uat.roche.net
*.editest2.roche.net
sni.cloudflaressl.com
editest3.roche.net
se2vk030.roche.net
se3vk030.roche.net
*.edi2.roche.net
sni.cloudflaressl.com
api-home.roche.net
sni.cloudflaressl.com
sni.cloudflaressl.com
sentryasiagmail.roche.net
sni.cloudflaressl.com
sni.cloudflaressl.com
rkavoglh.roche.net
*.rosa.roche.net
prod.rosa.roche.net
sentryemeao365.roche.net
cat.navify.esrv-hub-dev.roche.net
sni.cloudflaressl.com
ridusaxprod.dia.roche.net
aauthctx.roche.net
api-home.roche.net
sni.cloudflaressl.com
api-uat-home.roche.com
roche.net
edidev2.roche.net
*.edi2.roche.net
mb2vk030.roche.net
sentrynalao365.roche.net
roche.net
vpn.range.roche.net
roche.net
api-home.roche.net
roche.net
*.range.roche.net
mdm-dev.roche.net
range.roche.net
home.roche.net
sni.cloudflaressl.com
zh5vk030.roche.net
smartwebpoc.roche.net
roche.net
edi2.roche.net
cat.navify.esrv-hub-dev.roche.net
api-uat-home.roche.net
api-home.roche.net
*.edi2.roche.net
roche.net
api-home.roche.net
*.range.roche.net
sni.cloudflaressl.com
vpn.range.roche.net
remoteaccess.roche.net
sni.cloudflaressl.com
partneraccess.roche.net
esrv-hub-dev.roche.net
sni.cloudflaressl.com
roche.net
*.edidev2.roche.net
businesspartners.roche.net
sni.cloudflaressl.com
mdm-test.roche.net
range.roche.net
*.rosa.roche.net
esrv-hub-uat.roche.net
mb2vk030.roche.net
se2vk030.roche.net
range.roche.net
sni.cloudflaressl.com
uat-home.roche.net
sentry-ppe.roche.net
fr4vk030.roche.net
sni.cloudflaressl.com
sni.cloudflaressl.com
mdm.roche.net
edidev.roche.net
sni.cloudflaressl.com
Certificate
The complete raw certificate details for roche.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIQCQRK5dkQtRPytFej8qPAmDANBgkqhkiG9w0BAQsFADBK MQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UE AxMXQ2xvdWRmbGFyZSBJbmMgUlNBIENBLTIwHhcNMjIwMTE5MDAwMDAwWhcNMjMw MTE4MjM1OTU5WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5j LjESMBAGA1UEAxMJcm9jaGUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEApsk+jNu5jUjzRqexTZL4KlhE9gni7HWVQrcCmT217SPhD3thHxP2Lhyo QrFAPiOCvDzBrZovRa8jEtZ8SxEmQ86lg4I5YLQjktcThAnrftoxE+xliXFlJIER D+9jxp3AXHDmQx32TwUmMKrNYQJ4GiohEUx68gEkGHvQUOorb7KRfE4XPhq7Ftbv jdBM8t5FSzTZWlqdIA3lM6cJndmiKKGmk4HhSuzXPcI+3xaVKVKT5+QkAUsmdCbN oTR7bRNAQ52TAlNXCMa2zS97ThWP8EXIRD60mmyxRfqcq18s35LTqoBJyvlramgH uOmtIta5hXKlyXLtQOUk7pbMeD/mAwIDAQABo4IB7jCCAeowHwYDVR0jBBgwFoAU GKka/LJFScFvMDQIK9mHnLAlV3owHQYDVR0OBBYEFKm4Td3NKMsBp5Gi6J54FqcG bCqnMCEGA1UdEQQaMBiCCXJvY2hlLm5ldIILKi5yb2NoZS5uZXQwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDBy MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY1JT QUNBLTIuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRm bGFyZUluY1JTQUNBLTIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYB BQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRq MGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEF BQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNS U0FDQS0yLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G CSqGSIb3DQEBCwUAA4IBAQCKDvAvQjHsvXEnZ8PWxCi1oSrdyjHBrJynf/lwkQMn TC6ix1yG6ruIZIXPrMHkUoe2hJ6lF9l61P4JTJ9zidMatfoFh9aFqxIxAMg1K2rn 6ON5D5NaYQBQpIGmGxqw4hxzj5vZmv4oN/R1lRoUIadH7dyif8X4JVDTwNwbwuHU 8hAimbyxefXpBQzUwKcHQP52/aFK3AKi4ubdUYNK8Ax8Rgiyi8FL92q7Use6Dfsc KyykVN46GjrpwgbnrLW5I2nYf52ulOpgI0wGg+L2HWbEN7MIELuqpqvp9U7DL3dA 3DHCKurNfRrtn3Dnw1RWBdYo6t33ZoYfamqdcyZJN56l -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsk+jNu5jUjzRqexTZL4 KlhE9gni7HWVQrcCmT217SPhD3thHxP2LhyoQrFAPiOCvDzBrZovRa8jEtZ8SxEm Q86lg4I5YLQjktcThAnrftoxE+xliXFlJIERD+9jxp3AXHDmQx32TwUmMKrNYQJ4 GiohEUx68gEkGHvQUOorb7KRfE4XPhq7FtbvjdBM8t5FSzTZWlqdIA3lM6cJndmi KKGmk4HhSuzXPcI+3xaVKVKT5+QkAUsmdCbNoTR7bRNAQ52TAlNXCMa2zS97ThWP 8EXIRD60mmyxRfqcq18s35LTqoBJyvlramgHuOmtIta5hXKlyXLtQOUk7pbMeD/m AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11985340258236713217449016946986303640 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc RSA CA-2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'roche.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21054795905479286658497537091048838494241733821970682428281723760690798205380808822758855830593566208899163596048734488451025988034092211700913734333708436693779433647631399151724166801123951943736645326849806044811884584198191962739736811664953456304669781054987079174979034445651248719289891347005412482189554536928659539903721444885513356925627651913841948207798322527918363583044791786169645297666125470450665223210254595353585328823090353628573498231974862993659370964316766466036350651442818268035739032614615165055463788666143744421666488268988957216600174270478673308550347580970307787181802107371248917931523 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 18a91afcb24549c16f3034082bd9879cb025577a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a9b84dddcd28cb01a791a2e89e7816a7066c2aa7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roche.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.roche.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncRSACA-2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncRSACA-2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncRSACA-2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008a0ef02f4231ecbd712767c3d6c428b5a12addca31c1ac9ca77ff9709103274c2ea2c75c86eabb886485cfacc1e45287b6849ea517d97ad4fe094c9f7389d31ab5fa0587d685ab123100c8352b6ae7e8e3790f935a610050a481a61b1ab0e21c738f9bd99afe2837f475951a1421a747eddca27fc5f82550d3c0dc1bc2e1d4f2102299bcb179f5e9050cd4c0a70740fe76fda14adc02a2e2e6dd51834af00c7c4608b28bc14bf76abb52c7ba0dfb1c2b2ca454de3a1a3ae9c206e7acb5b92369d87f9dae94ea60234c0683e2f61d66c437b30810bbaaa6abe9f54ec32f7740dc31c22aeacd7d1aed9f70e7c3545605d628eaddf766861f6a6a9d732649379ea5