www.kbc.com
- KBC Group NV -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 01:f5:df:74:f3:02:22:ea:da:bc:97:d9:cd:b2:71:cc was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
KBC Group NV
Company registration number:
0403.227.515
Organization: KBC Group NV
Organization: KBC Group NV
State / Province:
Brussels
Locality: Brussels
Country: BE
Locality: Brussels
Country: BE
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:f5:df:74:f3:02:22:ea:da:bc:97:d9:cd:b2:71:ccSerial Number (int): 2605872969141854750047731281122456012
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: d6:f1:33:aa:57:5e:19:67:db:3d:f7:e0:82:18:69:71:3e:00:68:1e
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): d6:81:1a:eb:6e:5a:bb:09:e4:7c:86:66:b9:7a:aa:b1:73:6b:cd:00
Fingerprint (sha256): 1f:20:18:5f:05:21:a3:b9:cb:f6:81:d8:d9:8f:8d:ff:8c:d1:9a:62:43:28:a8:b6:49:97:36:44:82:ba:cf:38
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate www.kbc.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kbc.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kbc.com
www.kbc.com
www.kbc.com
Other certificates including the domain name kbc.com
(limited to 100 certificates)
kbc.com
carsales.autolease.kbc.com
chat-a.kbc.com
newsroom.kbc.com
www.survey.kbc.com
www-o.kbc.com
www.survey.kbc.com
awareness.kbc.com
portalrel.kbc2s.com
investments.kbc.be
www.kbc.com
www-f.kbc.com
onboarding-a.kbc.com
secmar-o.kbc.com
idea.kbc.com
ul-a.kbc.be
autolease.acc.kbc.com
ul.kbc.be
newsroom.kbc.com
www.survey.kbc.com
newsroom.kbc.com
www-a.kbc.com
kbc.com
portalacc.kbc2s.com
ebics.kbc.com
businessdashboard.kbc.be
newsroom.kbc.com
businessdashboard.kbc.be
ul-a.kbc.be
portalrel.kbc2s.com
www.survey.kbc.com
newsroom.kbc.com
secmar-a.kbc.com
www.kbc.com
research.kbc.com
kbc.com
newsroom.kbc.com
www.newsroom.kbc.com
idp-a.kbc.com
www.kbc.com
secmar-o.kbc.com
ebics.kbc.com
www.kbc.com
idp2-a.kbc.com
autolease.kbc.com
newsroom.kbc.com
www.survey.kbc.com
kbc.com
www.survey.kbc.com
kbc.com
businessdashboard-a.kbc.be
portal.kbc2s.com
chat.kbc.com
tracer-o.kbc.com
scookies-adobe.kbc.com
newsroom.kbc.com
ebics.kbc.com
syndication.kbc.com
scookies-adobe.kbc.com
idp.kbc.com
carsales.autolease.kbc.com
syndication.kbc.com
portalacc.kbc2s.com
newsroom.kbc.com
ul.kbc.be
newsroom.kbc.com
www.newsroom.kbc.com
newsroom.kbc.com
newsroom.kbc.com
carsales.autolease.kbc.com
survey.kbc.com
new-dev.kbc.com
www-f.kbc.com
idp-f.kbc.com
www.kbc.com
scookies-adobe.kbc.com
www.survey.kbc.com
research.kbc.com
chat.kbc.com
research.kbc.com
ul.kbc.be
ebics.kbc.com
tracer-o.kbc.com
ul.kbc.be
ebicsacc.kbc.com
www-a.kbc.com
ul-a.kbc.be
TestiFinance-HK.kbc.com
www.survey.kbc.com
ebics.kbc.com
www-o.kbc.com
www.survey.kbc.com
www.survey.kbc.com
portal.kbc2s.com
newsroom.kbc.com
newsroom.kbc.com
www-a.kbc.com
mm.kbc.com
newsroom.kbc.com
ebics.kbc.com
carsales.autolease.kbc.com
chat-a.kbc.com
newsroom.kbc.com
www.survey.kbc.com
www-o.kbc.com
www.survey.kbc.com
awareness.kbc.com
portalrel.kbc2s.com
investments.kbc.be
www.kbc.com
www-f.kbc.com
onboarding-a.kbc.com
secmar-o.kbc.com
idea.kbc.com
ul-a.kbc.be
autolease.acc.kbc.com
ul.kbc.be
newsroom.kbc.com
www.survey.kbc.com
newsroom.kbc.com
www-a.kbc.com
kbc.com
portalacc.kbc2s.com
ebics.kbc.com
businessdashboard.kbc.be
newsroom.kbc.com
businessdashboard.kbc.be
ul-a.kbc.be
portalrel.kbc2s.com
www.survey.kbc.com
newsroom.kbc.com
secmar-a.kbc.com
www.kbc.com
research.kbc.com
kbc.com
newsroom.kbc.com
www.newsroom.kbc.com
idp-a.kbc.com
www.kbc.com
secmar-o.kbc.com
ebics.kbc.com
www.kbc.com
idp2-a.kbc.com
autolease.kbc.com
newsroom.kbc.com
www.survey.kbc.com
kbc.com
www.survey.kbc.com
kbc.com
businessdashboard-a.kbc.be
portal.kbc2s.com
chat.kbc.com
tracer-o.kbc.com
scookies-adobe.kbc.com
newsroom.kbc.com
ebics.kbc.com
syndication.kbc.com
scookies-adobe.kbc.com
idp.kbc.com
carsales.autolease.kbc.com
syndication.kbc.com
portalacc.kbc2s.com
newsroom.kbc.com
ul.kbc.be
newsroom.kbc.com
www.newsroom.kbc.com
newsroom.kbc.com
newsroom.kbc.com
carsales.autolease.kbc.com
survey.kbc.com
new-dev.kbc.com
www-f.kbc.com
idp-f.kbc.com
www.kbc.com
scookies-adobe.kbc.com
www.survey.kbc.com
research.kbc.com
chat.kbc.com
research.kbc.com
ul.kbc.be
ebics.kbc.com
tracer-o.kbc.com
ul.kbc.be
ebicsacc.kbc.com
www-a.kbc.com
ul-a.kbc.be
TestiFinance-HK.kbc.com
www.survey.kbc.com
ebics.kbc.com
www-o.kbc.com
www.survey.kbc.com
www.survey.kbc.com
portal.kbc2s.com
newsroom.kbc.com
newsroom.kbc.com
www-a.kbc.com
mm.kbc.com
newsroom.kbc.com
ebics.kbc.com
Certificate
The complete raw certificate details for www.kbc.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgIQAfXfdPMCIuravJfZzbJxzDANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MTIwMjAwMDAwMFoXDTIxMTIwNjEy MDAwMFowgasxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAkJFMRUwEwYDVQQFEwwwNDAzLjIyNy41MTUxCzAJBgNVBAYTAkJF MREwDwYDVQQIEwhCcnVzc2VsczERMA8GA1UEBxMIQnJ1c3NlbHMxFTATBgNVBAoT DEtCQyBHcm91cCBOVjEUMBIGA1UEAxMLd3d3LmtiYy5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCuK2h4XuLwxR9990Do/Za+3Fevkpd8zVmAJJXv sHc7vjUrBfX2bBMyY+wcrAJDr+n7b7LClIsBgGnCrcPzxFM3gQ+F1bGRw1GrpsYt XToMW23cvj32MENye1rrLY+3D/xp4busOoWyEm5dLOfLHdKF7rMdG+94YZ4beD/h wK6A/kltUA6+twiUhMSPfDdDadXrmjFdS3CQuxEAOx4g7+ZDo4oZRVM8nRrMelW4 v6F7ylZiQ40xth2JT8TWDcUSu5zB3dUTD3XlCBmM1+iYTyuLfTjfOV1clh/kwo48 aVNlzVnDgKJ2BuUyZ76gBdgcUHQnoeaoeOuxmUIew7Pf2LHrAgMBAAGjggIGMIIC AjAfBgNVHSMEGDAWgBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQU1vEz qldeGWfbPffgghhpcT4AaB4wHwYDVR0RBBgwFoIHa2JjLmNvbYILd3d3LmtiYy5j b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hh Mi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5j b20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIB MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYF Z4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0 MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQEL BQADggEBAKGvhccUHrvxdA6yYW0kZUIhM658m/p2NMhQbWHNRjwnLLcdd+23EgJ8 IpIsdOnDc7dB9ZY98lsH5tOwi8dK7IkQl1CLpcaHf+Fetk+mbLd5wlR5fStJAHMr K8BRsoBQzGSjNz6RzkEM6sC9UvOqjq1bnLoe2lhOcDwgCarkO1QJpsNzGLl0i/4Y W2NjixnIbmFLuecJXlnrNrCtpeVhmHGLEmsZvWBsN6F1YR6lyKwCZf72m5dXBKyw uCRjT7pc/FqZMOw2OLzp0eFKRu9Bk3cC2yh3Q785jEAjK6v6532zMHKTUgea06m9 yYhJcCe6UvEBkittTYrJZsn3gfAWgMg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAritoeF7i8MUfffdA6P2W vtxXr5KXfM1ZgCSV77B3O741KwX19mwTMmPsHKwCQ6/p+2+ywpSLAYBpwq3D88RT N4EPhdWxkcNRq6bGLV06DFtt3L499jBDcnta6y2Ptw/8aeG7rDqFshJuXSznyx3S he6zHRvveGGeG3g/4cCugP5JbVAOvrcIlITEj3w3Q2nV65oxXUtwkLsRADseIO/m Q6OKGUVTPJ0azHpVuL+he8pWYkONMbYdiU/E1g3FErucwd3VEw915QgZjNfomE8r i3043zldXJYf5MKOPGlTZc1Zw4CidgblMme+oAXYHFB0J6HmqHjrsZlCHsOz39ix 6wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2605872969141854750047731281122456012 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-06 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '0403.227.515' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brussels' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brussels' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KBC Group NV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kbc.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21986870389438481123264517485242070918210229597161597770501989890306582112125584450664583516197713218641259358557705042268691631725184905152592313746294936658801310682921972925571959205750529858126574948887900798895229043984109169416001920551649971365844182157114411384118099215314313359932633830466723970426733037560174051453617751516714760388399931779991855339805205233797308894346491108486361116084587818952427249662909452540960399287735043386749753395270661115883097878995013043618968740672723352194301761647428700616354279898694469738919639556950838829519885838973153215689877937809325706202217866922529453027819 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d6f133aa575e1967db3df7e0821869713e00681e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kbc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kbc.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a1af85c7141ebbf1740eb2616d2465422133ae7c9bfa7634c8506d61cd463c272cb71d77edb712027c22922c74e9c373b741f5963df25b07e6d3b08bc74aec891097508ba5c6877fe15eb64fa66cb779c254797d2b4900732b2bc051b28050cc64a3373e91ce410ceac0bd52f3aa8ead5b9cba1eda584e703c2009aae43b5409a6c37318b9748bfe185b63638b19c86e614bb9e7095e59eb36b0ada5e56198718b126b19bd606c37a175611ea5c8ac0265fef69b975704acb0b824634fba5cfc5a9930ec3638bce9d1e14a46ef41937702db287743bf398c40232babfae77db330729352079ad3a9bdc988497027ba52f101922b6d4d8ac966c9f781f01680c8