tco.tiffany.com
- Tiffany & Co. -
Issued by DigiCert Secure Site CN CA G3
About this certificate
This digital certificate with serial number 0c:4a:4c:0e:ff:ac:8e:b9:85:95:2d:c8:72:54:49:45 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Tiffany & Co.
Organization:
Tiffany & Co.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:4a:4c:0e:ff:ac:8e:b9:85:95:2d:c8:72:54:49:45Serial Number (int): 16336508568402007189740467738704628037
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 43:b8:63:74:76:82:48:ad:38:eb:d3:33:f0:4b:22:f2:15:f2:0d:ef
AuthorityKeyId: 44:d9:c8:4a:33:8e:d3:52:8d:a7:92:94:61:1f:9a:c8:a5:b7:ec:cb
Fingerprint (sha1): 74:17:d6:30:c6:12:9b:98:4e:6f:73:95:66:7a:a3:1e:26:6c:7f:4f
Fingerprint (sha256): 22:5e:ae:ff:1d:74:22:20:10:78:87:c3:95:49:5b:ca:79:b5:56:7e:ef:5a:02:d3:40:8d:46:e6:41:79:37:30
Issuing Certificate URL: http://cacerts.digicert.cn/DigiCertSecureSiteCNCAG3.crt
Revocation information
OCSP Server: http://ocsp.digicert.cnCRL Distribution Point: http://crl.digicert.cn/DigiCertSecureSiteCNCAG3.crl
Check the revocation status for certificate tco.tiffany.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tco.tiffany.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tco.tiffany.com
m.tco.tiffany.com
t.tco.tiffany.com
m.tco.tiffany.com
t.tco.tiffany.com
Other certificates including the domain name tiffany.com
(limited to 100 certificates)
appointments.tiffany.com
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sstats.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
enroll.tiffany.com
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sstats.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
enroll.tiffany.com
Certificate
The complete raw certificate details for tco.tiffany.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGgjCCBWqgAwIBAgIQDEpMDv+sjrmFlS3IclRJRTANBgkqhkiG9w0BAQsFADBM MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSYwJAYDVQQDEx1E aWdpQ2VydCBTZWN1cmUgU2l0ZSBDTiBDQSBHMzAeFw0yNDAxMTIwMDAwMDBaFw0y NTAxMTQyMzU5NTlaMGUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazER MA8GA1UEBxMITmV3IFlvcmsxFjAUBgNVBAoMDVRpZmZhbnkgJiBDby4xGDAWBgNV BAMTD3Rjby50aWZmYW55LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJSNo3WhifDwD1nH33teXn6A8bWEjvevjXnpL6fsauBV7XxwnuO5BEUEnVnU 4jXX9Z62FnCl7+7alyVU9V+JQNZmBdyq7HY5JsIiWHNHOJ2e++TenXQebtYSR1m8 7aAaFYz1lSBM+U3MFB5urkbH36Hbowlsk3aKWdduQ5bOgnZOIIDhcPWBajzR7Jnc b1v9PT15Hyra2eYAhd9zKFsG9k/T3iTax5heoUsfryBz1JN49QfheGdzHVQ2kG8N H4KhEK2OLgTXJstgypwZ4Bl6THcvLiDtQ4uwSsnxLtvQyXxmhJNPYkcYXV4vrKkU fKGQIR82yXWns/S1GzkCA92RS60CAwEAAaOCA0UwggNBMB8GA1UdIwQYMBaAFETZ yEozjtNSjaeSlGEfmsilt+zLMB0GA1UdDgQWBBRDuGN0doJIrTjr0zPwSyLyFfIN 7zBABgNVHREEOTA3gg90Y28udGlmZmFueS5jb22CEW0udGNvLnRpZmZhbnkuY29t ghF0LnRjby50aWZmYW55LmNvbTA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsG AQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHR8EPTA7MDmg N6A1hjNodHRwOi8vY3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0U2VjdXJlU2l0ZUNO Q0FHMy5jcmwweAYIKwYBBQUHAQEEbDBqMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz cC5kaWdpY2VydC5jbjBDBggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGlnaWNl cnQuY24vRGlnaUNlcnRTZWN1cmVTaXRlQ05DQUczLmNydDAMBgNVHRMBAf8EAjAA MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgBOdaMnXJoQwzhbbNTfP1LrHfDg jhuNacCx+mSxYpo53wAAAYz+YfyNAAAEAwBHMEUCIQC781u5i2IL1+w9WJd6dPPm enufeDl95ueUOBdGqxHiNQIgHZv7+DtBI6GI7KzgGLRqzXBW68Bcmdv9OzDPhB1B mTAAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYz+YfzPAAAE AwBHMEUCIQDQEV2CAuKLS+SUMMj+QnY3givKdFPqrslxSNoH1xsB4QIgSuq+LhQM CYKTWKKbBjHirdZvPVZcvDXZABY+xKVboGAAdgB9WR4S4XgqexxhZ3xe/fjQh1wU oE6VnrkDL9kOjC55uAAAAYz+YfyOAAAEAwBHMEUCIQCBlNmybwoAfAiIWhzUUpYe +dub5/L+jWJAg5lSbfG6fAIgLfITkXYvoEogn0CEGQBG/mVBM/xr7Ex93oyDNjWR 1bgwDQYJKoZIhvcNAQELBQADggEBAOMC6YmNpb+2Tbw0I8D/DwODDV9T6/P4Qe0S eb1a8C1yXKd3HW0/lIjxLREEWdHjopPqQx/B54unwcMF4843wf0rWOf5JgdNdmTn p8HVRZ8EBRdd0nsBAthsqg665+PZGClTsLb2KiYxBce5SB7jB7lh/Gie+rTwID8q h9x+biUPLCky1HYu56lg86P/Ash9VWyCWeZe9CgDjl6AT5/qLqPV9LpYm0E563vk Z7ATTqxASLcl59R6AGsy9COCNk/1LTFJQdfOe1jlW0nvC+FjuFtVC5AoYYMOlIqo iTrBsk0idXW9VBgUQgmWPp6Fv03V/eN49+zHD3x52YfccuCCQDc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI2jdaGJ8PAPWcffe15e foDxtYSO96+Neekvp+xq4FXtfHCe47kERQSdWdTiNdf1nrYWcKXv7tqXJVT1X4lA 1mYF3KrsdjkmwiJYc0c4nZ775N6ddB5u1hJHWbztoBoVjPWVIEz5TcwUHm6uRsff odujCWyTdopZ125Dls6Cdk4ggOFw9YFqPNHsmdxvW/09PXkfKtrZ5gCF33MoWwb2 T9PeJNrHmF6hSx+vIHPUk3j1B+F4Z3MdVDaQbw0fgqEQrY4uBNcmy2DKnBngGXpM dy8uIO1Di7BKyfEu29DJfGaEk09iRxhdXi+sqRR8oZAhHzbJdaez9LUbOQID3ZFL rQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16336508568402007189740467738704628037 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Secure Site CN CA G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Tiffany & Co.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tco.tiffany.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18753113689203021760992401556091422714014414867849769802754247183370222358425000306957197709546904341238423094695450724988782330473171938209542864874388063640763325136704917045263856664804606340505799784122726749409414942807939560716892976510115564506190861376764441606124664839287763759056562827407784501768571870250349890247190611467748432697747268229434527718778425624889613173269660068891241284269839243261394047421315534995471583877823601330813122133410803434871421371373588298039410209893983656286057625447209585883328962972250413521769195753632406764139447684991220769675047016270342571042687091623315792546733 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 44d9c84a338ed3528da79294611f9ac8a5b7eccb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 43b86374768248ad38ebd333f04b22f215f20def . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tco.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.tco.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 't.tco.tiffany.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.digicert.cn/DigiCertSecureSiteCNCAG3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.cn/DigiCertSecureSiteCNCAG3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cfe61fc8d0000040300473045022100bbf35bb98b620bd7ec3d58977a74f3e67a7b9f78397de6e794381746ab11e23502201d9bfbf83b4123a188ecace018b46acd7056ebc05c99dbfd3b30cf841d4199300076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018cfe61fccf0000040300473045022100d0115d8202e28b4be49430c8fe427637822bca7453eaaec97148da07d71b01e102204aeabe2e140c09829358a29b0631e2add66f3d565cbc35d900163ec4a55ba0600076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018cfe61fc8e00000403004730450221008194d9b26f0a007c08885a1cd452961ef9db9be7f2fe8d62408399526df1ba7c02202df21391762fa04a209f4084190046fe654133fc6bec4c7dde8c83363591d5b8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00e302e9898da5bfb64dbc3423c0ff0f03830d5f53ebf3f841ed1279bd5af02d725ca7771d6d3f9488f12d110459d1e3a293ea431fc1e78ba7c1c305e3ce37c1fd2b58e7f926074d7664e7a7c1d5459f0405175dd27b0102d86caa0ebae7e3d9182953b0b6f62a263105c7b9481ee307b961fc689efab4f0203f2a87dc7e6e250f2c2932d4762ee7a960f3a3ff02c87d556c8259e65ef428038e5e804f9fea2ea3d5f4ba589b4139eb7be467b0134eac4048b725e7d47a006b32f42382364ff52d314941d7ce7b58e55b49ef0be163b85b550b902861830e948aa8893ac1b24d227575bd5418144209963e9e85bf4dd5fde378f7ecc70f7c79d987dc72e0824037