*.allina.com
- Allina Health System -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 04:38:4b:81:aa:80:cc:2a:b2:3a:06:88:ef:09:6b:c6 was issued on by DigiCert Inc.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Allina Health System
Organization:
Allina Health System
State / Province:
Minnesota
Locality: Minneapolis
Country: US
Locality: Minneapolis
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:38:4b:81:aa:80:cc:2a:b2:3a:06:88:ef:09:6b:c6Serial Number (int): 5609212061139010379101956840169761734
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 9e:b3:5f:87:e3:05:d9:d7:35:4c:6e:8f:cd:5a:de:a4:2e:89:ef:ba
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): c7:2e:27:80:ca:8f:2a:7e:5f:0b:44:2a:ca:e5:72:b6:c0:7f:7c:5d
Fingerprint (sha256): 2c:5d:08:76:bf:77:b0:b9:bd:aa:7e:43:cf:a4:5e:33:65:4e:8a:a1:83:05:a8:6b:9b:a0:e1:49:24:4b:ee:da
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate *.allina.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.allina.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.allina.com
*.allinahealth.org
allina.com
allinahealth.org
*.allinahealth.org
allina.com
allinahealth.org
Other certificates including the domain name allina.com
(limited to 100 certificates)
donate.allina.com
securelink.allina.com
accwebsecure.allina.com
remoteapps.allina.com
donate.allina.com
vid-polycom-rpadext-01.Allina.com
donate.allina.com
akn.allina.com
epiccarelink.allina.com
*.allina.com
mail.allina.com
webmail.allina.com
devsoapproxy.allina.com
eft.allina.com
tstsecurelink.allina.com
adfs.allina.com
adfs.allina.com
devexcellianmobile.allina.com
*.rsasso.allina.com
remoteapps.allina.com
webmail.allina.com
webproxy.allina.com
adfs.allina.com
webproxy.allina.com
learn.allina.com
apps.allina.com
mainspring.allina.com
polyregistration.allina.com
learn.allina.com
epiccarelink.allina.com
remoteapps.allina.com
*.allina.com
sip.allina.com
websched01.allina.com
ww2.allina.com
excellianweb.allina.com
psservices.allina.com
eft.allina.com
www.allina.com
vip-afstoreint.allina.com
radev.allina.com
mychart.allina.com
accwebsecure.allina.com
webproxy.allina.com
remoteapps.allina.com
webmail.allina.com
learn.allina.com
*.allina.com
sip.allina.com
vpn.allina.com
ww2.allina.com
www.allina.com
webmail.allina.com
devwebproxy.allina.com
webproxy.allina.com
*.allina.com
devsoapproxy.allina.com
donate.allina.com
health.allina.com
vdiprod.allina.com
akn.allina.com
health.allina.com
handheld.excellian.net
excellianmobile.allina.com
identityiq.allina.com
epiccarelink.allina.com
adfs.allina.com
mychart.allina.com
donate.allina.com
accwebsecure.allina.com
adfs.allina.com
*.allina.com
remoteapps.allina.com
vdidev.allina.com
vdidev.allina.com
apps.allina.com
radev.allina.com
*.allina.com
fmpsrv02.allina.com
hybrid.allina.com
webcarf.allina.com
mdcisedev03.allina.com
eft.allina.com
apps.allina.com
webcarf.allina.com
psrecruit.allina.com
sip.allina.com
sip.allina.com
excellianweb.allina.com
remoteapps.allina.com
*.allina.com
eft.allina.com
securelink.allina.com
devsoapproxy.allina.com
websched01.allina.com
devsoapproxy.allina.com
learn.allina.com
remoteapps.allina.com
learn.allina.com
*.allina.com
securelink.allina.com
accwebsecure.allina.com
remoteapps.allina.com
donate.allina.com
vid-polycom-rpadext-01.Allina.com
donate.allina.com
akn.allina.com
epiccarelink.allina.com
*.allina.com
mail.allina.com
webmail.allina.com
devsoapproxy.allina.com
eft.allina.com
tstsecurelink.allina.com
adfs.allina.com
adfs.allina.com
devexcellianmobile.allina.com
*.rsasso.allina.com
remoteapps.allina.com
webmail.allina.com
webproxy.allina.com
adfs.allina.com
webproxy.allina.com
learn.allina.com
apps.allina.com
mainspring.allina.com
polyregistration.allina.com
learn.allina.com
epiccarelink.allina.com
remoteapps.allina.com
*.allina.com
sip.allina.com
websched01.allina.com
ww2.allina.com
excellianweb.allina.com
psservices.allina.com
eft.allina.com
www.allina.com
vip-afstoreint.allina.com
radev.allina.com
mychart.allina.com
accwebsecure.allina.com
webproxy.allina.com
remoteapps.allina.com
webmail.allina.com
learn.allina.com
*.allina.com
sip.allina.com
vpn.allina.com
ww2.allina.com
www.allina.com
webmail.allina.com
devwebproxy.allina.com
webproxy.allina.com
*.allina.com
devsoapproxy.allina.com
donate.allina.com
health.allina.com
vdiprod.allina.com
akn.allina.com
health.allina.com
handheld.excellian.net
excellianmobile.allina.com
identityiq.allina.com
epiccarelink.allina.com
adfs.allina.com
mychart.allina.com
donate.allina.com
accwebsecure.allina.com
adfs.allina.com
*.allina.com
remoteapps.allina.com
vdidev.allina.com
vdidev.allina.com
apps.allina.com
radev.allina.com
*.allina.com
fmpsrv02.allina.com
hybrid.allina.com
webcarf.allina.com
mdcisedev03.allina.com
eft.allina.com
apps.allina.com
webcarf.allina.com
psrecruit.allina.com
sip.allina.com
sip.allina.com
excellianweb.allina.com
remoteapps.allina.com
*.allina.com
eft.allina.com
securelink.allina.com
devsoapproxy.allina.com
websched01.allina.com
devsoapproxy.allina.com
learn.allina.com
remoteapps.allina.com
learn.allina.com
*.allina.com
Certificate
The complete raw certificate details for *.allina.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHDTCCBfWgAwIBAgIQBDhLgaqAzCqyOgaI7wlrxjANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx MTA3MDAwMDAwWhcNMjQxMjA3MjM1OTU5WjBtMQswCQYDVQQGEwJVUzESMBAGA1UE CBMJTWlubmVzb3RhMRQwEgYDVQQHEwtNaW5uZWFwb2xpczEdMBsGA1UEChMUQWxs aW5hIEhlYWx0aCBTeXN0ZW0xFTATBgNVBAMMDCouYWxsaW5hLmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANCoUFCoZMFcc4Jjb95+0veSHKE9jxQr rhI6//xoQ0oeVbcqNIRwERfnGljzEuaJvxS3siW0MwcUo9q/KToT4McjraGC+gq6 mG4hGtgPAVUASDFF7RoXVJFU6bZRQlYzHu5/oBimtvxhcr1Y8XkB9umU23gLu/Wk P78HhhVq2EZYaqwkO49WDj/C/bNaUY9KFwhpxiz4SINA8avhlH6/N1LWSjmG/VnX Bw1YcX+9UEr2l/yOj2oxd+074UYxef9qbP+XoMQBAgGqpTHk7onTEaIvMkpq3/S/ B8HK71Yp0wRkKwT7B79MJEu7YPFrBsuW5E7oiVfh1eGY5cD9E/R4sI0CAwEAAaOC A7swggO3MB8GA1UdIwQYMBaAFHSFgMBmx9833s+9KTeqAx2+7c0XMB0GA1UdDgQW BBSes1+H4wXZ1zVMbo/NWt6kLonvujBJBgNVHREEQjBAggwqLmFsbGluYS5jb22C EiouYWxsaW5haGVhbHRoLm9yZ4IKYWxsaW5hLmNvbYIQYWxsaW5haGVhbHRoLm9y ZzA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3 LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3Js My5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBD QTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy dEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYBBQUHAQEE ezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYB BQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2Jh bEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYK KwYBBAHWeQIEAgSCAW8EggFrAWkAdgDuzdBk1dsazsVct520zROiModGfLzs3sNR SFlGcR+1mwAAAYuqfIR1AAAEAwBHMEUCIQDD+yDIWj59OVlwQTZ3bzO5xLvsYZi6 0RkDkaP8afG1KwIgOl1VUmFetdA2vOfyEITdcrSxL1bgiBL5PWfNN9xiIQIAdgBI sONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYuqfISYAAAEAwBHMEUC IQDtdpgOOV+e4ONLR0mnSeWFRvvfGOg2tWZqNcIKLh8qvgIgSFQrOZaQ1ohNuGED SEInWwEJtozbJzZviStBwaL6hcgAdwA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvB vyiF7PhkbgAAAYuqfITYAAAEAwBIMEYCIQDnUtEd5bVuC0gJ0ZusX6S/8BGjYKXw +FJ21OPGh4hXyQIhAJy16ZF05Og6UZZIuahNI9R7MKeWArq7+yaVmtON868VMA0G CSqGSIb3DQEBCwUAA4IBAQAT9LkFv4bW8pAJU6qSyBZpKg+6dBEkvIhImGTTfwXG DKfKqtex6JWhaXdpzmaZDDbvDtNryeTd0Fx5ynb/8R0KDWTXHOhMMJ41ajHEaJQp R6sxhmN/hg5XUanStNExS8u6aqjQDzEvtQyKpkpD6HYNWcayQ3l9ACLS5ZIrqwrN P0S4LHYy8lMdI+SBFpR85wEEUl+P90IW/lFTOsLV4Jw8dmQQJ3FV3SHKgVzh1RYQ UtjINpgHrh+wj691A7i8+DAY4KaOb1+rRarqrQ+Mu3/C0XzJAzJrdvc9C+Z1/+W7 I3cVA8AyxxBq87datXYacdfK8/xNFMqF5aGx1O4Cgl4L -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KhQUKhkwVxzgmNv3n7S 95IcoT2PFCuuEjr//GhDSh5Vtyo0hHARF+caWPMS5om/FLeyJbQzBxSj2r8pOhPg xyOtoYL6CrqYbiEa2A8BVQBIMUXtGhdUkVTptlFCVjMe7n+gGKa2/GFyvVjxeQH2 6ZTbeAu79aQ/vweGFWrYRlhqrCQ7j1YOP8L9s1pRj0oXCGnGLPhIg0Dxq+GUfr83 UtZKOYb9WdcHDVhxf71QSvaX/I6PajF37TvhRjF5/2ps/5egxAECAaqlMeTuidMR oi8ySmrf9L8HwcrvVinTBGQrBPsHv0wkS7tg8WsGy5bkTuiJV+HV4ZjlwP0T9Hiw jQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5609212061139010379101956840169761734 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minneapolis' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Allina Health System' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.allina.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26340566026968130658866982678661770344091862755480739943016400015772618648123787303655846341675333536593247553127906720477596395161665285816819221954159035817739386595083433531398732771064761799708416592982015933257840362690144593598415373839072008019098385415942261406449733234617563820858120853350740376479336352818455677008321517889900915334146156097399644835699372716457232888087533317181297593175528226648102730740510973133064588800672493407838370326396637108198036236542757044561937340012860206867084183272308203048660012801825081779741984789379244569485665340038068031183616030543222807331662900056614080393357 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9eb35f87e305d9d7354c6e8fcd5adea42e89efba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.allina.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.allinahealth.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'allina.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'allinahealth.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018baa7c84750000040300473045022100c3fb20c85a3e7d3959704136776f33b9c4bbec6198bad1190391a3fc69f1b52b02203a5d5552615eb5d036bce7f21084dd72b4b12f56e08812f93d67cd37dc62210200760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018baa7c84980000040300473045022100ed76980e395f9ee0e34b4749a749e58546fbdf18e836b5666a35c20a2e1f2abe022048542b399690d6884db861034842275b0109b68cdb27366f892b41c1a2fa85c80077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018baa7c84d80000040300483046022100e752d11de5b56e0b4809d19bac5fa4bff011a360a5f0f85276d4e3c6878857c90221009cb5e99174e4e83a519648b9a84d23d47b30a79602babbfb26959ad38df3af15 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0013f4b905bf86d6f2900953aa92c816692a0fba741124bc88489864d37f05c60ca7caaad7b1e895a1697769ce66990c36ef0ed36bc9e4ddd05c79ca76fff11d0a0d64d71ce84c309e356a31c468942947ab3186637f860e5751a9d2b4d1314bcbba6aa8d00f312fb50c8aa64a43e8760d59c6b243797d0022d2e5922bab0acd3f44b82c7632f2531d23e48116947ce70104525f8ff74216fe51533ac2d5e09c3c766410277155dd21ca815ce1d5161052d8c8369807ae1fb08faf7503b8bcf83018e0a68e6f5fab45aaeaad0f8cbb7fc2d17cc903326b76f73d0be675ffe5bb23771503c032c7106af3b75ab5761a71d7caf3fc4d14ca85e5a1b1d4ee02825e0b