www3.anzen.mofa.go.jp

- Ministry of Foreign Affairs -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0d:b2:66:c7:be:3e:e2:8e:e2:55:25:d0:fb:1a:c2:98 was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Ministry of Foreign Affairs

Organization: Ministry of Foreign Affairs
State / Province: TOKYO
Locality: CHIYODA-KU
Country: JP

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:b2:66:c7:be:3e:e2:8e:e2:55:25:d0:fb:1a:c2:98
Serial Number (int): 18206277417085193632057784143326134936
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: be:85:de:3a:b2:ab:45:bc:4d:34:a1:f0:2d:8a:42:a8:d3:6a:77:4e
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): e9:66:8c:73:d7:42:2b:97:fe:39:65:be:23:f7:bc:4d:32:4e:b8:6e
Fingerprint (sha256): 2b:b9:48:e3:3a:13:32:2e:15:82:df:dc:ee:9e:de:03:87:c0:49:24:82:2d:e6:1a:15:32:eb:ad:50:a6:14:58

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate www3.anzen.mofa.go.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www3.anzen.mofa.go.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www3.anzen.mofa.go.jp

Other certificates including the domain name mofa.go.jp

(limited to 100 certificates)
www.ezairyu.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.ezairyu.mofa.go.jp
www3.mofa.go.jp
www3.mofa.go.jp
www.pilot.evisa.mofa.go.jp
t.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
ft1.iws.mofa.go.jp
www.anzen.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www.da.mofa.go.jp
www.deliver.mofa.go.jp
mofa.go.jp
www.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.a.ezairyu.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
*.mofa.go.jp
www3.mofa.go.jp
www.t.mofa.go.jp
www3.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www.mofa.go.jp
www.mmwtojapan.mofa.go.jp
www.a.ezairyu.mofa.go.jp
www3.t.mofa.go.jp
www.mofa.go.jp
www.deliver.mofa.go.jp
www.anzen.mofa.go.jp
mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
content.evisa.mofa.go.jp
www.ezairyu.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
mofa.go.jp
www.anzen.mofa.go.jp
www.deliver.mofa.go.jp
www3.anzen.mofa.go.jp
www.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
*.mofa.go.jp
remote.ezairyu.mofa.go.jp
www3.mofa.go.jp
*.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www3.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.pilot.a.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.ezairyu.mofa.go.jp
wwwc.e-procurement.mofa.go.jp
www.mofa.go.jp
www.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.ezairyu.mofa.go.jp
mofa.go.jp
www.contact.mofa.go.jp
rmac.mofa.go.jp
www.deliver.mofa.go.jp
rgp.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.mofa.go.jp
www3.nextweb.mofa.go.jp
www.a.evisa.mofa.go.jp
www.e-procurement.mofa.go.jp
www1.anpi.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.evisa.mofa.go.jp
www.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.n.mofa.go.jp
www.da.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www3.mofa.go.jp

Certificate

The complete raw certificate details for www3.anzen.mofa.go.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG7jCCBdagAwIBAgIQDbJmx74+4o7iVSXQ+xrCmDANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx
MDA1MDAwMDAwWhcNMjQxMDEwMjM1OTU5WjB4MQswCQYDVQQGEwJKUDEOMAwGA1UE
CBMFVE9LWU8xEzARBgNVBAcTCkNISVlPREEtS1UxJDAiBgNVBAoTG01pbmlzdHJ5
IG9mIEZvcmVpZ24gQWZmYWlyczEeMBwGA1UEAxMVd3d3My5hbnplbi5tb2ZhLmdv
LmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTj3/lRZcxH4++lN
6IiTAk8R8ke5H1gadqQopdYYd8KUul2RilkIlBw+dPdJcL2Icl/Xrbvt3gNrErwh
R26ZrwYNmOnjHOTqT33aWz7G4Erowb6lGACn/8j36jQ1ItZ7o7IFLsrJ27Jbj2F7
j6iq3R/hnid9oOEX+zC+pBK+l71bV5CA5YrCOWNbJ56dGi8WfpAQAcKGA8au1wRy
TyNepwFrmnZC5GHnL6kiuOSzqlJyMuYCSvcphiKQlWY+jocbesPU/Bw+kThfc8KW
0/fXJqsAncMyagJ6jRWPKhakDReOrW+/iNzx4D3k2a2PM8P2p2H7h7SG0jVQgK/D
k/3ZfQIDAQABo4IDkTCCA40wHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7t
zRcwHQYDVR0OBBYEFL6F3jqyq0W8TTSh8C2KQqjTandOMCAGA1UdEQQZMBeCFXd3
dzMuYW56ZW4ubW9mYS5nby5qcDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsG
AQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGU
MEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxH
MlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRp
Z2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0x
LmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k
aWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0
LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAM
BgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDuzdBk1dsa
zsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYr/zzh9AAAEAwBHMEUCIHH/QUGC
9hRGEgGQZm2OGE5K1Ml3KZIHzUTyo40gITViAiEA8xht29E7X8F+WykXOiM+QbGC
FSCnjSbQsKNoZqf64JMAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE
cwAAAYr/zziuAAAEAwBHMEUCIE3ctF//Wbj6eUMcdt5RexQANXunevYFvftuWOBT
R9mTAiEAmQgaz66rUcUJqRuH1lrMXmJqYffQXcsxguyiZmfC0HgAdgDatr9rP7W2
Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYr/zziNAAAEAwBHMEUCIFHEIWbw
wfrk1Rfp9bIW5L3WYGIlYY14SV9bUo8943QYAiEAsczC8C1H6uOR2EN7vFkxa5bM
MgC+2+xNdPv2yxHcAtEwDQYJKoZIhvcNAQELBQADggEBAGwA4WRFAtS3Fp27LIkD
Io2tCS/rthUFYtwQ7ksKAylfvyOljClzmyNGzn10H08j8yJro+kdxPh0CfDN92iq
ubfTAwO0QntZMroo72kyd80o8JBosGCuXwkgNJnD2LVOA9qV8fGjaRmgv1cWuiSI
Hy/yLMTupsKMDNmqNiwtDJ51NX/z0r169WYaYPu62uQl97mD9qgStzvngm0k8NSN
lN0B132nFC/0bDxaHhqlViZLuPyAMMi8ACGWvfhBIHgbrRcQTfGKsmY8nF5Bso7k
kuyvtkhDbxFJgkaB1rlURauUcsVlyr0ofLrt4WEX+vy54MUczY1RaCPdKidRlu/b
//8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTj3/lRZcxH4++lN6IiT
Ak8R8ke5H1gadqQopdYYd8KUul2RilkIlBw+dPdJcL2Icl/Xrbvt3gNrErwhR26Z
rwYNmOnjHOTqT33aWz7G4Erowb6lGACn/8j36jQ1ItZ7o7IFLsrJ27Jbj2F7j6iq
3R/hnid9oOEX+zC+pBK+l71bV5CA5YrCOWNbJ56dGi8WfpAQAcKGA8au1wRyTyNe
pwFrmnZC5GHnL6kiuOSzqlJyMuYCSvcphiKQlWY+jocbesPU/Bw+kThfc8KW0/fX
JqsAncMyagJ6jRWPKhakDReOrW+/iNzx4D3k2a2PM8P2p2H7h7SG0jVQgK/Dk/3Z
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18206277417085193632057784143326134936
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TOKYO'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CHIYODA-KU'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ministry of Foreign Affairs'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www3.anzen.mofa.go.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24392085183520507979718017704961239848004870534363870361159368168581450612499547959172976273816311000674009692514250090593423330386768897730710289060310545744638153341953808426822219031089165415183801266185726154303049989675839741403267132154983030335496347101671771615374620867430019708655430943043507769795812405058579046982416253311397455974815975457320367461402188249969301020647203465853170867306104364787956956540471287439899335266772991509045070552614161295835361149300340750914859323658155247525828668132951751442572120891275804859720932008285945564098605545486271578639423905564932219688834663830495698999677
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							be85de3ab2ab45bc4d34a1f02d8a42a8d36a774e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www3.anzen.mofa.go.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018affcf387d0000040300473045022071ff414182f61446120190666d8e184e4ad4c977299207cd44f2a38d20213562022100f3186ddbd13b5fc17e5b29173a233e41b1821520a78d26d0b0a36866a7fae09300760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018affcf38ae000004030047304502204ddcb45fff59b8fa79431c76de517b1400357ba77af605bdfb6e58e05347d99302210099081acfaeab51c509a91b87d65acc5e626a61f7d05dcb3182eca26667c2d078007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018affcf388d0000040300473045022051c42166f0c1fae4d517e9f5b216e4bdd6606225618d78495f5b528f3de37418022100b1ccc2f02d47eae391d8437bbc59316b96cc3200bedbec4d74fbf6cb11dc02d1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006c00e1644502d4b7169dbb2c8903228dad092febb6150562dc10ee4b0a03295fbf23a58c29739b2346ce7d741f4f23f3226ba3e91dc4f87409f0cdf768aab9b7d30303b4427b5932ba28ef693277cd28f09068b060ae5f09203499c3d8b54e03da95f1f1a36919a0bf5716ba24881f2ff22cc4eea6c28c0cd9aa362c2d0c9e75357ff3d2bd7af5661a60fbbadae425f7b983f6a812b73be7826d24f0d48d94dd01d77da7142ff46c3c5a1e1aa556264bb8fc8030c8bc002196bdf84120781bad17104df18ab2663c9c5e41b28ee492ecafb648436f1149824681d6b95445ab9472c565cabd287cbaede16117fafcb9e0c51ccd8d516823dd2a275196efdbffff