*.caranddriver.com
- The Hearst Corporation -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 0d:3a:ff:8d:ed:33:8a:dc:2b:03:f4:79:72:ff:54:b9 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
The Hearst Corporation
Organization:
The Hearst Corporation
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:3a:ff:8d:ed:33:8a:dc:2b:03:f4:79:72:ff:54:b9Serial Number (int): 17586300422029030329851017183356736697
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 85:a4:e5:a9:d8:b7:89:ab:64:b2:b4:a2:be:8a:7f:68:94:57:e3:10
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): b3:81:09:23:dc:81:ec:81:8c:88:51:d3:52:a1:37:2c:33:d7:91:c4
Fingerprint (sha256): 21:a2:7b:7f:31:b1:c8:2a:c8:79:c5:41:5d:7a:3c:31:ec:7d:9c:12:5d:1e:1e:43:b8:ef:eb:83:0d:02:c7:94
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g4.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g4.crl
Check the revocation status for certificate *.caranddriver.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.caranddriver.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.caranddriver.com
caranddriver.com
caranddriver.com
Other certificates including the domain name caranddriver.com
(limited to 100 certificates)
*.25ans.jp
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
related.caranddriver.com
l2.shared.global.fastly.net
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
mcstaging-shop.elle.com
link.caranddriver.com
hearst-prod.actioniq.mr-in.com
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
magentocloud52.map.fastly.net
b2.shared.global.fastly.net
shop.elle.com
b2.shared.global.fastly.net
*.hearstapps.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
secure.hdmtools.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
l2.shared.global.fastly.net
store.caranddriver.com
l2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
sli.esquire.com
mcstaging-shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
l2.shared.global.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
api.backfires.caranddriver.com
hearst-hdm.map.fastly.net
shop.cosmopolitan.com
b2.shared.global.fastly.net
shop.elle.com
hearst-hdm.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
l2.shared.global.fastly.net
hearst-hdm.map.fastly.net
l2.shared.global.fastly.net
sli.esquire.com
*.caranddriver.com
cosmopolitan.com
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
b2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
mcstaging-store.delish.com
b2.shared.global.fastly.net
q.ssl.fastly.net
shop.elle.com
shop.elle.com
hearst-prod.actioniq.mr-in.com
shop.elledecor.com
mcstaging-shop.elle.com
l2.shared.global.fastly.net
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
*.caranddriver.com
hearst-hdm.map.fastly.net
shop.elle.com
hearst-hdm.map.fastly.net
api.backfires.caranddriver.com
subscribe.hearstmags.com
l2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
l2.shared.global.fastly.net
cosmopolitan.com
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
l2.shared.global.fastly.net
shop.elle.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
l2.shared.global.fastly.net
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
related.caranddriver.com
l2.shared.global.fastly.net
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
mcstaging-shop.elle.com
link.caranddriver.com
hearst-prod.actioniq.mr-in.com
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
magentocloud52.map.fastly.net
b2.shared.global.fastly.net
shop.elle.com
b2.shared.global.fastly.net
*.hearstapps.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
secure.hdmtools.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
l2.shared.global.fastly.net
store.caranddriver.com
l2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
sli.esquire.com
mcstaging-shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
l2.shared.global.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
api.backfires.caranddriver.com
hearst-hdm.map.fastly.net
shop.cosmopolitan.com
b2.shared.global.fastly.net
shop.elle.com
hearst-hdm.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
l2.shared.global.fastly.net
hearst-hdm.map.fastly.net
l2.shared.global.fastly.net
sli.esquire.com
*.caranddriver.com
cosmopolitan.com
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
b2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
mcstaging-store.delish.com
b2.shared.global.fastly.net
q.ssl.fastly.net
shop.elle.com
shop.elle.com
hearst-prod.actioniq.mr-in.com
shop.elledecor.com
mcstaging-shop.elle.com
l2.shared.global.fastly.net
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
*.caranddriver.com
hearst-hdm.map.fastly.net
shop.elle.com
hearst-hdm.map.fastly.net
api.backfires.caranddriver.com
subscribe.hearstmags.com
l2.shared.global.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
l2.shared.global.fastly.net
cosmopolitan.com
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
l2.shared.global.fastly.net
shop.elle.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
l2.shared.global.fastly.net
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
Certificate
The complete raw certificate details for *.caranddriver.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIQDTr/je0zitwrA/R5cv9UuTANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTUwNTE4MDAwMDAwWhcN MTYwNTI1MTIwMDAwWjBxMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsx ETAPBgNVBAcTCE5ldyBZb3JrMR8wHQYDVQQKExZUaGUgSGVhcnN0IENvcnBvcmF0 aW9uMRswGQYDVQQDDBIqLmNhcmFuZGRyaXZlci5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCqVM4IdFaU/mDmLx6C2mS3AFG/KTdEUde2axirc2ye 7lhd1tky74MKObNi8fFrIt1Ndv/VFcAKU0BUO4IytGShaQkwNSx07kEOwqoWpBHR 5tN/VH8qnqJ2FIAHqUdxm65ShI19ZMxGbDO0iguInc2e2+76Lesbo79ChtOa5QLj NpesW3iMnU0egec7tn7RY/hDaKod1UBlp4ogTEBtgC+zx3OEqebD3s41Z8Juq7kv broi7dYAtpk3dh6qyth+GqXLkRhSAe+KyEg0jJqWxSR2V/uByN0wiM1L0YBuWCrO 8jGhXkMUfRNf62jf+xv7DG83o7+PUE8F8yQL2FFsQTpHAgMBAAGjggHhMIIB3TAf BgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUhaTlqdi3 iatksrSivop/aJRX4xAwLwYDVR0RBCgwJoISKi5jYXJhbmRkcml2ZXIuY29tghBj YXJhbmRkcml2ZXIuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGln aWNlcnQuY29tL3NzY2Etc2hhMi1nNC5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRp Z2ljZXJ0LmNvbS9zc2NhLXNoYTItZzQuY3JsMEIGA1UdIAQ7MDkwNwYJYIZIAYb9 bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw fAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy dC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E aWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADANBgkq hkiG9w0BAQsFAAOCAQEAu849uoZbbeA83o5HUig7ThnTsPgGibBJKGEZdM1ZuTW+ QOpaTorzPgyAZauTcJA9wk4HsxrG3rX/hoafPBsTxCee5YkJnVJW5MqgyVuxXxXh txhhmyWiSBSUCi+NFGranxwFms70Chd3zxpWd590u03MbRSYLQVbtvjfuTqdld2U ormwpVoDGn5+rIcL9LZcd0oZaZFZjPEKhd10OSOI0R2cUrryD9bwNqwS+2jCRaNR rtxjH+i+fe/NMfIzIJW3G69Hbla1+sxW3nk821LnZFwftlm8AVj9VazU2DLdKi/s 2jSNJVTe/B1UItc5c+oQtbXxp6RMn+3kMWS/fn9bAg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlTOCHRWlP5g5i8egtpk twBRvyk3RFHXtmsYq3Nsnu5YXdbZMu+DCjmzYvHxayLdTXb/1RXAClNAVDuCMrRk oWkJMDUsdO5BDsKqFqQR0ebTf1R/Kp6idhSAB6lHcZuuUoSNfWTMRmwztIoLiJ3N ntvu+i3rG6O/QobTmuUC4zaXrFt4jJ1NHoHnO7Z+0WP4Q2iqHdVAZaeKIExAbYAv s8dzhKnmw97ONWfCbqu5L266Iu3WALaZN3YeqsrYfhqly5EYUgHvishINIyalsUk dlf7gcjdMIjNS9GAblgqzvIxoV5DFH0TX+to3/sb+wxvN6O/j1BPBfMkC9hRbEE6 RwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17586300422029030329851017183356736697 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-05-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-25 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Hearst Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.caranddriver.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21502330657856917460833369060929192958655270106689644711639535893271044645652226310966944917306202227858483549283421121279831344608515110768393778600966883827845719426347952737374104854020634096160850405005740447953766785341193482019184144929553566455881813094292190077689843215060474729925521021755811248678866048288849962087798662127100636832798621756622553765153722369065328235371647929322335180081023224726034132059447334580106321189648509596037021355481887855265138399107379620380226641087887806937231670801526673988337666916600210131156576985908276621382529666287725597084946652617217286910764641472150688053831 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 85a4e5a9d8b789ab64b2b4a2be8a7f689457e310 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.caranddriver.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caranddriver.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bbce3dba865b6de03cde8e4752283b4e19d3b0f80689b04928611974cd59b935be40ea5a4e8af33e0c8065ab9370903dc24e07b31ac6deb5ff86869f3c1b13c4279ee589099d5256e4caa0c95bb15f15e1b718619b25a24814940a2f8d146ada9f1c059acef40a1777cf1a56779f74bb4dcc6d14982d055bb6f8dfb93a9d95dd94a2b9b0a55a031a7e7eac870bf4b65c774a196991598cf10a85dd74392388d11d9c52baf20fd6f036ac12fb68c245a351aedc631fe8be7defcd31f2332095b71baf476e56b5facc56de793cdb52e7645c1fb659bc0158fd55acd4d832dd2a2fecda348d2554defc1d5422d73973ea10b5b5f1a7a44c9fede43164bf7e7f5b02