lacgextranet.nao.org.uk
- National Audit Office -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 04:3e:cb:da:11:e5:60:58:2c:02:45:5e:87:9f:d7:59 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
National Audit Office
Organization:
National Audit Office
Organization unit: Digital Services
Organization unit: Digital Services
Locality:
London
Country: GB
Country: GB
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:3e:cb:da:11:e5:60:58:2c:02:45:5e:87:9f:d7:59Serial Number (int): 5642968994796336356627399279762200409
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: e8:4d:06:5d:fb:90:9c:a5:6f:02:1e:fe:44:89:94:04:92:e7:5f:f7
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 40:2a:03:4c:95:e3:65:b8:26:15:ed:79:36:cc:95:bc:a4:e1:cb:52
Fingerprint (sha256): 23:48:18:56:ae:77:66:e4:c1:08:ff:ce:64:1a:0a:be:ba:13:72:d1:a1:2f:1e:7a:69:5b:ae:e1:68:9d:c8:de
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate lacgextranet.nao.org.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lacgextranet.nao.org.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lacgextranet.nao.org.uk
Other certificates including the domain name nao.org.uk
(limited to 100 certificates)
RStudio-dev.nao.org.uk
RPacMan-dev.nao.org.uk
resources.nao.org.uk
www.nao.org.uk
nao.org.uk
lacgextranet.nao.org.uk
RPacMan-dev.nao.org.uk
lacgextranet.nao.org.uk
www.nao.org.uk
www.nao.org.uk
www.nao.org.uk
www.nao.org.uk
RStudio-prod.nao.org.uk
www.nao.org.uk
www.nao.org.uk
resources.nao.org.uk
lf.nao.org.uk
naomail.nao.org.uk
nao.org.uk
nao.org.uk
nao.org.uk
naosurvey.nao.org.uk
nao.org.uk
*.nao.org.uk
www.nao.org.uk
RStudio-dev.nao.org.uk
naoccesite1.nao.org.uk
*.nao.org.uk
RPacMan-prod.nao.org.uk
resources.nao.org.uk
www.nao.org.uk
*.nao.gov.uk
naosurvey.nao.org.uk
sip.nao.gov.uk
resources.nao.org.uk
nao.org.uk
nao.gov.uk
naomail.nao.org.uk
www.nao.org.uk
www.nao.org.uk
nao.org.uk
*.nao.org.uk
resources.nao.org.uk
www.nao.org.uk
www.nao.org.uk
*.nao.org.uk
RPacMan-dev.nao.org.uk
www.nao.org.uk
naoccesite1.nao.org.uk
nao.org.uk
naomail.nao.org.uk
www.nao.org.uk
www.nao.org.uk
www.nao.org.uk
wifi.nao.org.uk
www.nao.org.uk
RStudio-dev.nao.org.uk
*.nao.org.uk
RPacMan-dev.nao.org.uk
resources.nao.org.uk
www.nao.org.uk
nao.org.uk
lacgextranet.nao.org.uk
RPacMan-dev.nao.org.uk
lacgextranet.nao.org.uk
www.nao.org.uk
www.nao.org.uk
www.nao.org.uk
www.nao.org.uk
RStudio-prod.nao.org.uk
www.nao.org.uk
www.nao.org.uk
resources.nao.org.uk
lf.nao.org.uk
naomail.nao.org.uk
nao.org.uk
nao.org.uk
nao.org.uk
naosurvey.nao.org.uk
nao.org.uk
*.nao.org.uk
www.nao.org.uk
RStudio-dev.nao.org.uk
naoccesite1.nao.org.uk
*.nao.org.uk
RPacMan-prod.nao.org.uk
resources.nao.org.uk
www.nao.org.uk
*.nao.gov.uk
naosurvey.nao.org.uk
sip.nao.gov.uk
resources.nao.org.uk
nao.org.uk
nao.gov.uk
naomail.nao.org.uk
www.nao.org.uk
www.nao.org.uk
nao.org.uk
*.nao.org.uk
resources.nao.org.uk
www.nao.org.uk
www.nao.org.uk
*.nao.org.uk
RPacMan-dev.nao.org.uk
www.nao.org.uk
naoccesite1.nao.org.uk
nao.org.uk
naomail.nao.org.uk
www.nao.org.uk
www.nao.org.uk
www.nao.org.uk
wifi.nao.org.uk
www.nao.org.uk
RStudio-dev.nao.org.uk
*.nao.org.uk
Certificate
The complete raw certificate details for lacgextranet.nao.org.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIQBD7L2hHlYFgsAkVeh5/XWTANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xODExMjgwMDAwMDBaFw0yMDEyMDIxMjAwMDBa MHsxCzAJBgNVBAYTAkdCMQ8wDQYDVQQHEwZMb25kb24xHjAcBgNVBAoTFU5hdGlv bmFsIEF1ZGl0IE9mZmljZTEZMBcGA1UECxMQRGlnaXRhbCBTZXJ2aWNlczEgMB4G A1UEAxMXbGFjZ2V4dHJhbmV0Lm5hby5vcmcudWswggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDsF9/XTxqDDP1yX8pfBEWnwl0qULFDPwDrTIKkX6cSw3MK 8+NS/sT5GwRKaxyV9wX1FsZ+BA1f5fLe1+dvy6OmDZozhljHTAYeI8TkoVwkmw5J bSC15zOrCSTl8QrAjEa1y4vyebZI6GT3cYspo9SjpYBbJwRlKnuG8LAWch/sbeg3 q3HiqklbCXtlUHX+XXkMWyeJWljsac9JiygTZ8nONM1hZqkvbJBdlj8VvSvvkIMk B6aER4lOr1nsHPAexG+V+3V8RGGveG3JZYh0S6LNtm7YJtr+Dep+APut/0sUax8M mteIHEbSlZHLZf7KuUpqqfBGTtVYNNNncScjV6eHAgMBAAGjggIFMIICATAfBgNV HSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQU6E0GXfuQnKVv Ah7+RImUBJLnX/cwIgYDVR0RBBswGYIXbGFjZ2V4dHJhbmV0Lm5hby5vcmcudWsw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1 BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1o YS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20v c2hhMi1oYS1zZXJ2ZXItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCow KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EM AQICMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp Z2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQu Y29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0T AQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEA k633uviCYeSCoBDOFAr2HNxy/IsfErzpeQbNKFsiCA1DuvKAS0Yfp4aTGjg8fQ/0 mq1xVtV+lBbwG9RHKOKf1RNex2WF5NGLhgoxws0/by9uk2KjqawHGKOFHmdipX6u lQ3Z77Efx2dkggvNhXm4N0lSh0dUvMZMgymMC/D1wqtcKc35MqXcKIzvpg2QoGwv 3uejmVNhIOfdg2FAEqio7JUt2OaZ9GjxpSS17RsRWjQrDC4uZUugFMFq23wqHq92 4Ftl1H/AibttAvS6W1i4oYAeclDPSD1AYcpgthJpt9w23X/kqGjkBV4UPw9cZ2cu TOc5x1WVOCVGqviEsarJow== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Bff108agwz9cl/KXwRF p8JdKlCxQz8A60yCpF+nEsNzCvPjUv7E+RsESmsclfcF9RbGfgQNX+Xy3tfnb8uj pg2aM4ZYx0wGHiPE5KFcJJsOSW0gteczqwkk5fEKwIxGtcuL8nm2SOhk93GLKaPU o6WAWycEZSp7hvCwFnIf7G3oN6tx4qpJWwl7ZVB1/l15DFsniVpY7GnPSYsoE2fJ zjTNYWapL2yQXZY/Fb0r75CDJAemhEeJTq9Z7BzwHsRvlft1fERhr3htyWWIdEui zbZu2Cba/g3qfgD7rf9LFGsfDJrXiBxG0pWRy2X+yrlKaqnwRk7VWDTTZ3EnI1en hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5642968994796336356627399279762200409 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-02 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'National Audit Office' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Digital Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lacgextranet.nao.org.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29804012867108117269037128382398224670168536376899253592976818369577914338067335466222337006929788864974338510053849900745925749761704997654033941876590330163435765296509478190064741702667801861621833857432073435880179228444305573761161407306906314125318196076701764443005021765477123816669897877475603297186412586580799975259199350592922899994022973740606720014438639636455141242235731526178957888690740568054802661514959664514579621713061596090987609347429712260806664329672010107183970834150509805698294871071288084471641178793369437259444598240433930532209160366615384113135697083615309721984417013103015518250887 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e84d065dfb909ca56f021efe4489940492e75ff7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lacgextranet.nao.org.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0093adf7baf88261e482a010ce140af61cdc72fc8b1f12bce97906cd285b22080d43baf2804b461fa786931a383c7d0ff49aad7156d57e9416f01bd44728e29fd5135ec76585e4d18b860a31c2cd3f6f2f6e9362a3a9ac0718a3851e6762a57eae950dd9efb11fc76764820bcd8579b8374952874754bcc64c83298c0bf0f5c2ab5c29cdf932a5dc288cefa60d90a06c2fdee7a399536120e7dd83614012a8a8ec952dd8e699f468f1a524b5ed1b115a342b0c2e2e654ba014c16adb7c2a1eaf76e05b65d47fc089bb6d02f4ba5b58b8a1801e7250cf483d4061ca60b61269b7dc36dd7fe4a868e4055e143f0f5c67672e4ce739c75595382546aaf884b1aac9a3