horizonview.footlocker.com

- Foot Locker -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 29:ab:b8:46:7d:e5:e8:53:e3:14:05:bb:31:4d:fc:7f was issued on by Entrust, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Foot Locker

Organization: Foot Locker
State / Province: Pennsylvania
Locality: Camp Hill
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 29:ab:b8:46:7d:e5:e8:53:e3:14:05:bb:31:4d:fc:7f
Serial Number (int): 55389968138293021596222819380979694719
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 4a:c9:7a:4e:aa:1d:b6:46:fc:28:74:d6:55:61:5f:4d:ef:b9:be:2a
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): 7a:97:03:9e:38:c5:11:57:06:0c:94:74:e8:a8:95:3e:41:ef:4e:7a
Fingerprint (sha256): 25:c6:3d:28:bc:77:9a:be:39:57:af:76:8d:49:4f:15:10:86:79:35:17:0c:c6:c2:79:3f:66:ee:61:f6:0f:4d

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate horizonview.footlocker.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for horizonview.footlocker.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

horizonview.footlocker.com

Other certificates including the domain name footlocker.com

(limited to 100 certificates)
trig.e.footlocker.com
devconfluence.footlocker.com
staging.footlocker.com
answers-texaneyecare.pagescdn.com
footlocker.com
www.footlocker.com
ebm.cheetahmail.com
wpm03.eccmp.com
www.footlocker.com
mlwsra.footlocker.com
HomeViewEU.footlocker.com
www.footlocker.com
footlocker.com
*.footlocker.com
ftp.footlocker.com
openam-footlocker-use4-staging.id.forgerock.io
www.footlocker.com
e.footlocker.com
footlocker.com
e.footlocker.com
stores.footlocker.com
coex.footlocker.com
homevieweuuat.footlocker.com
wpm03.eccmp.com
mi.footlocker.com
www.cexwelrmgstage.origin.footlocker.com
footlocker.com
www.footlocker.com
mi.footlocker.com
securerouting.footlocker.com
trk.bc.footlocker.ca
ftlsite01.footlocker.com
www.footlocker.com
footlocker.com
esps.footlocker.com
f02.chtah.com
wpm03.eccmp.com
staging.footlocker.com
stores.footlocker.com
jira.footlocker.com
www.cexnalrmgprd.origin.footlocker.com
stores.footlocker.com
dev.eu.apigee.footlocker.com
www.footlocker.com
wpm03.eccmp.com
prod.us.apigee.footlocker.com
dev.globalapi.footlocker.com
homeviewEU.footlocker.com
sanl.footlocker.com
reporting.vendor.footlocker.com
securerouting.footlocker.com
ess.footlocker.com
vmtne.footlocker.com
wpm03.eccmp.com
uat.confluence.footlocker.com
ebm.cheetahmail.com
ftlsite02.footlocker.com
xauthsvc.footlocker.com
geospatial.footlocker.com
f02.chtah.com
flvpn.footlocker.com
careers.footlocker.com
sanl.footlocker.com
www.footlocker.com
answers-texaneyecare.pagescdn.com
horizonview.footlocker.com
staging.footlocker.com
careers.footlocker.com
sourcing.footlocker.com
mlwasa01.footlocker.com
www.footlocker.com
flgpvendor.footlocker.com
xauthsvc.footlocker.com
help.footlocker.com
chwsra.footlocker.com
footlocker.com
test.footlocker.com
staging.footlocker.com
e.footlocker.com
dev.apg.globalapi.footlocker.com
*.footlocker.com
f02.chtah.com
securerouting.footlocker.com
chwda.footlocker.com
ttp.footlocker.com
esps2.footlocker.com
waumdmprdapp04.footlocker.com
mlwsra.footlocker.com
keyfactor.footlocker.com
apigtw.globalapi.footlocker.com
esps.footlocker.com
f02.chtah.com
stores.footlocker.com
hrmstest.footlocker.com
homeview.footlocker.com
www.footlocker.com
f02.chtah.com
e.footlocker.com
answers.zahnarzt-obernberg.at.pagescdn.com
apg.globalapi.footlocker.com

Certificate

The complete raw certificate details for horizonview.footlocker.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIQKau4Rn3l6FPjFAW7MU38fzANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDA0MTcxNjAxMTFaFw0yNTA0MTcxNjAxMTBaMHMxCzAJBgNVBAYTAlVTMRUwEwYD
VQQIEwxQZW5uc3lsdmFuaWExEjAQBgNVBAcTCUNhbXAgSGlsbDEUMBIGA1UEChML
Rm9vdCBMb2NrZXIxIzAhBgNVBAMTGmhvcml6b252aWV3LmZvb3Rsb2NrZXIuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvj0JOb8oPve943rJAll
txUXytyhadbzylGBLHqbYHTms4EE/FWrrQbA+uhoeydcUMNe4calEAzC1rbNu0Ov
8X4WhQGwlqsvXaeCw/pKT7DdSiA8YuSlavozI0yl15JAk0SdrskAwQvjWUYNv3JR
6LweJHo5lVmPCL1dHX4YKxUG7/GTtGFA1R1nPq2+hXaKZWR/TOoaRumCQXlGpEHj
likkawbUEHCe22h2QPj4s6d/P0hgdK0G0fS/mn5XVx/MY+uc3OaYxZAs0pj7S2Hl
ET2ayE6VLMvmik38b7YdRowPgWq7ZRH8tPa/a8S9nzK6TkoxWb1PUyHLDYMVNzai
TwIDAQABo4IBcTCCAW0wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUSsl6Tqodtkb8
KHTWVWFfTe+5viowHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8waAYI
KwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
dDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWstY2hhaW4y
NTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQv
bGV2ZWwxay5jcmwwJQYDVR0RBB4wHIIaaG9yaXpvbnZpZXcuZm9vdGxvY2tlci5j
b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjATBgNVHSAEDDAKMAgGBmeBDAECAjATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAj/kagdZ5PM+lKyWu044LAdijvJ9rd1tor9e9LTDdGD30
P/Y4ILqFmwzV6c0/cw+TfpYPJAUJ7eII95tH3ycBeHmiAAUpuVu75XPTuSV8rL9q
PImjM1uP6BInrcuxP2L5if5FOXQ3CnYTbn3BJrs/DhKKa+dk0771cyOX7zrKBvar
qzauaTPOnIvShcdwGd/bzvZONCSUsVx4h3BsCk4sWXIY0OKtGelwnfC9nKyK/l1Z
ULyubAZUlDxVanTNHuDx+371xgdYEdAEkdcJYJGjIjJSWL992FtXTiWHyJ6k7IFo
N57keBh7Bw6Rr2/Ml77nmd5M1yGTiOitG53HR51Bcw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvj0JOb8oPve943rJAll
txUXytyhadbzylGBLHqbYHTms4EE/FWrrQbA+uhoeydcUMNe4calEAzC1rbNu0Ov
8X4WhQGwlqsvXaeCw/pKT7DdSiA8YuSlavozI0yl15JAk0SdrskAwQvjWUYNv3JR
6LweJHo5lVmPCL1dHX4YKxUG7/GTtGFA1R1nPq2+hXaKZWR/TOoaRumCQXlGpEHj
likkawbUEHCe22h2QPj4s6d/P0hgdK0G0fS/mn5XVx/MY+uc3OaYxZAs0pj7S2Hl
ET2ayE6VLMvmik38b7YdRowPgWq7ZRH8tPa/a8S9nzK6TkoxWb1PUyHLDYMVNzai
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 55389968138293021596222819380979694719
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-17 16:01:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-17 16:01:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Camp Hill'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Foot Locker'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'horizonview.footlocker.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17038696504509707635662636460731215194980349623725950182072774036510596308626552308021097696597541398935720827271208429703731871529087640525995652192902064289714969880199909428156233705477322384110612983716146953557174283259495547835797957066297395509192619081399823753784743202160395774484311880072793617652950753597708717889318449355121520515875456899970828777383290529720740371497806796743323490492037392478928043743621666579957620845101115670596580271019586569393448923685222825117239080506525293876981831870622221601636888617238167887956359316886878926453175437223132512123247945081642636567565960059754785448527
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4ac97a4eaa1db646fc2874d655615f4defb9be2a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'horizonview.footlocker.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008ff91a81d6793ccfa52b25aed38e0b01d8a3bc9f6b775b68afd7bd2d30dd183df43ff63820ba859b0cd5e9cd3f730f937e960f240509ede208f79b47df27017879a2000529b95bbbe573d3b9257cacbf6a3c89a3335b8fe81227adcbb13f62f989fe453974370a76136e7dc126bb3f0e128a6be764d3bef5732397ef3aca06f6abab36ae6933ce9c8bd285c77019dfdbcef64e342494b15c7887706c0a4e2c597218d0e2ad19e9709df0bd9cac8afe5d5950bcae6c0654943c556a74cd1ee0f1fb7ef5c6075811d00491d7096091a322325258bf7dd85b574e2587c89ea4ec8168379ee478187b070e91af6fcc97bee799de4cd7219388e8ad1b9dc7479d4173