ssl371658.cloudflaressl.com

Issued by COMODO Domain Validation Legacy Server CA 2

About this certificate

This digital certificate with serial number 3a:a2:d9:04:99:4b:fa:b3:d3:bc:87:81:2c:0c:b3:0c was issued on by COMODO CA Limited.

With 35 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • CAs MUST NOT issue any new Subscriber certificates or Subordinate CA certificates using SHA-1 after 1 January 2016 (BRs: 7.1.3)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates using the SHA-1 algorithm SHOULD NOT have an expiration date later than 1 Jan 2017 (BRs: 7.1.3)

Certificate Subject

CN=ssl371658.cloudflaressl.com,OU=Domain Control Validated+OU=Legacy Multi-Domain SSL

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 3a:a2:d9:04:99:4b:fa:b3:d3:bc:87:81:2c:0c:b3:0c
Serial Number (int): 77940777493847465021764114764090094348
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 6b:75:c7:67:20:34:6b:06:12:91:14:50:e9:70:44:db:d9:06:cc:0e
AuthorityKeyId: 99:8e:02:95:c5:1e:55:22:7b:87:70:8b:5e:1c:01:c2:76:c4:ae:e8

Fingerprint (sha1): 6b:74:53:19:eb:84:57:c0:e3:dd:93:bb:cb:94:92:ae:14:98:d9:8f
Fingerprint (sha256): 2f:65:54:f6:23:3e:43:af:88:d1:c2:11:fb:f5:d3:73:7c:5a:45:5a:75:93:6c:0f:5a:e6:11:84:13:4e:7d:38

Issuing Certificate URL: http://crt.comodoca4.com/COMODODomainValidationLegacyServerCA2.crt

Revocation information

OCSP Server: http://ocsp.comodoca4.com
CRL Distribution Point: http://crl.comodoca4.com/COMODODomainValidationLegacyServerCA2.crl

Check the revocation status for certificate ssl371658.cloudflaressl.com

35

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ssl371658.cloudflaressl.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ssl371658.cloudflaressl.com
*.agn.com.gt
*.aspire2international.ac.nz
*.azart.money
*.discoveryparts.com
*.ecoit.com.br
*.empowertexans.com
*.guatemala.gob.gt
*.heartsoul.me
*.ideocial.com
*.intelelink.net
*.kalafrosh.com
*.livwatches.com
*.presidencia.gob.gt
*.scspr.gob.gt
*.tha.jp
*.voterrecords.com
*.watchesonnet.com
agn.com.gt
aspire2international.ac.nz
azart.money
discoveryparts.com
ecoit.com.br
empowertexans.com
guatemala.gob.gt
heartsoul.me
ideocial.com
intelelink.net
kalafrosh.com
livwatches.com
presidencia.gob.gt
scspr.gob.gt
tha.jp
voterrecords.com
watchesonnet.com

Other certificates including the domain name cloudflaressl.com

(limited to 100 certificates)
ssl381797.cloudflaressl.com
sni32503.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni115750.cloudflaressl.com
sni.cloudflaressl.com
sni155855.cloudflaressl.com
sni59049.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni211154.cloudflaressl.com
sni.cloudflaressl.com
sni189810.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni856209.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni90611.cloudflaressl.com
sni.cloudflaressl.com
sni178904.cloudflaressl.com
sni26581.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni193995.cloudflaressl.com
sni44161.cloudflaressl.com
sni159804.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni146505.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni227751.cloudflaressl.com
sni240860.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni163960.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
ssl829466.cloudflaressl.com
sni.cloudflaressl.com
sni44515.cloudflaressl.com
sni.cloudflaressl.com
sni226824.cloudflaressl.com
sni.cloudflaressl.com
sni238751.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni171982.cloudflaressl.com
sni66010.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni204563.cloudflaressl.com
sni147888.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni70031.cloudflaressl.com
sni59352.cloudflaressl.com
sni165754.cloudflaressl.com
sni.cloudflaressl.com
sni234389.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni188256.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni61492.cloudflaressl.com
sni.cloudflaressl.com
sni110040.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com

Certificate

The complete raw certificate details for ssl371658.cloudflaressl.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIrTCCB5WgAwIBAgIQOqLZBJlL+rPTvIeBLAyzDDANBgkqhkiG9w0BAQUFADCB
jjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNDAyBgNV
BAMTK0NPTU9ETyBEb21haW4gVmFsaWRhdGlvbiBMZWdhY3kgU2VydmVyIENBIDIw
HhcNMTgwNjA0MDAwMDAwWhcNMTgxMjExMjM1OTU5WjBrMSEwHwYDVQQLExhEb21h
aW4gQ29udHJvbCBWYWxpZGF0ZWQxIDAeBgNVBAsTF0xlZ2FjeSBNdWx0aS1Eb21h
aW4gU1NMMSQwIgYDVQQDExtzc2wzNzE2NTguY2xvdWRmbGFyZXNzbC5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGl/+wdsocRmmL/FbPTBxQEZ6P
C/4adiX2/vCSOkygC1zDdysejnNxmaBFi27a43q1LAVRBJxNEmL/ifJ5GxkrHYJQ
6qb9DnQAaPlb9rSU5tCFLHtNYpoW2fusbYxDaLeNg4RGYPFCvdqUtPn0yZ4VKHf0
Oxo0DzONLlvKrTGns40YJ0q5Dxf0UmVapGJh3ym5oa7vUv7lgQtu0cIlY2OqNspA
Y1sSOuzueEI+LBrIsDsPVA8c3TKiI81izTg8elYkLQQcemGEext9dk1nGREEY8FQ
25D+bdduS265YGKAWlrZ8yYp8dDfi82U6jsujxVbK/VGjxFdsY6fqttUKwjDAgMB
AAGjggUnMIIFIzAfBgNVHSMEGDAWgBSZjgKVxR5VInuHcIteHAHCdsSu6DAdBgNV
HQ4EFgQUa3XHZyA0awYSkRRQ6XBE29kGzA4wDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEUGA1UdIAQ+
MDwwOgYLKwYBBAGyMQECAgcwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUu
Y29tb2RvLmNvbS9DUFMwUwYDVR0fBEwwSjBIoEagRIZCaHR0cDovL2NybC5jb21v
ZG9jYTQuY29tL0NPTU9ET0RvbWFpblZhbGlkYXRpb25MZWdhY3lTZXJ2ZXJDQTIu
Y3JsMIGFBggrBgEFBQcBAQR5MHcwTgYIKwYBBQUHMAKGQmh0dHA6Ly9jcnQuY29t
b2RvY2E0LmNvbS9DT01PRE9Eb21haW5WYWxpZGF0aW9uTGVnYWN5U2VydmVyQ0Ey
LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AuY29tb2RvY2E0LmNvbTCCAnYG
A1UdEQSCAm0wggJpghtzc2wzNzE2NTguY2xvdWRmbGFyZXNzbC5jb22CDCouYWdu
LmNvbS5ndIIcKi5hc3BpcmUyaW50ZXJuYXRpb25hbC5hYy5ueoINKi5hemFydC5t
b25leYIUKi5kaXNjb3ZlcnlwYXJ0cy5jb22CDiouZWNvaXQuY29tLmJyghMqLmVt
cG93ZXJ0ZXhhbnMuY29tghIqLmd1YXRlbWFsYS5nb2IuZ3SCDiouaGVhcnRzb3Vs
Lm1lgg4qLmlkZW9jaWFsLmNvbYIQKi5pbnRlbGVsaW5rLm5ldIIPKi5rYWxhZnJv
c2guY29tghAqLmxpdndhdGNoZXMuY29tghQqLnByZXNpZGVuY2lhLmdvYi5ndIIO
Ki5zY3Nwci5nb2IuZ3SCCCoudGhhLmpwghIqLnZvdGVycmVjb3Jkcy5jb22CEiou
d2F0Y2hlc29ubmV0LmNvbYIKYWduLmNvbS5ndIIaYXNwaXJlMmludGVybmF0aW9u
YWwuYWMubnqCC2F6YXJ0Lm1vbmV5ghJkaXNjb3ZlcnlwYXJ0cy5jb22CDGVjb2l0
LmNvbS5icoIRZW1wb3dlcnRleGFucy5jb22CEGd1YXRlbWFsYS5nb2IuZ3SCDGhl
YXJ0c291bC5tZYIMaWRlb2NpYWwuY29tgg5pbnRlbGVsaW5rLm5ldIINa2FsYWZy
b3NoLmNvbYIObGl2d2F0Y2hlcy5jb22CEnByZXNpZGVuY2lhLmdvYi5ndIIMc2Nz
cHIuZ29iLmd0ggZ0aGEuanCCEHZvdGVycmVjb3Jkcy5jb22CEHdhdGNoZXNvbm5l
dC5jb20wggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDuS723dc5guuFCaR+r4Z5m
ow9+X7By2IMAxHuJeqj9ywAAAWPMM1zyAAAEAwBHMEUCIEcYAOABXACQyar259Ec
RJJEXbFy12UMfD2hiq5OtexiAiEApVDTk/gLT+v7kA6+WBQQEb6AMaQF2yL+3Den
C9ZSVooAdgDbdK/uyynssf7KPnFtLOW5qrs294Rxg8ddnU83th+/ZAAAAWPMM2iQ
AAAEAwBHMEUCIGcLvJ06ld1vR/wT0Db25ApwFO6QOfp3re/zC12BN9WiAiEAl8Fw
XdoogdN37rFlGhNjHbZCuv0ecb6/rGY/5CBbjVgwDQYJKoZIhvcNAQEFBQADggEB
ADhSTV9gyNIpJwI99Dgn648JIwzvayAeDHw40qMicDC1ycebPW0yqMJlqFyL3Tuv
DcnrCGJqSCyFZZH1tsM/xgNQNiW4ClN5zdERxvVowEQn4RzIZtJrvtsdGxy9qcEY
PCF3TDONedHuSLUMW86Q7vZ0f91wJ5BJH+HrtX0Jt/1RB6uDqCNplD+CWYYbq+fB
Lx8529KqjxXZ7eaeqr2yH0QQItiob/v4kLZqsbxHep+2Um+rOlMyD5GQXNV4E0A+
RuTqPrJpPtXoFjq/0kuhDKEugX1LKu5TPp+hZ9fHZIez5wd7FaZHwrdcd325Iet3
wCvcqxdP8Hzn8yfLm8MWQBQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpf/sHbKHEZpi/xWz0wc
UBGejwv+GnYl9v7wkjpMoAtcw3crHo5zcZmgRYtu2uN6tSwFUQScTRJi/4nyeRsZ
Kx2CUOqm/Q50AGj5W/a0lObQhSx7TWKaFtn7rG2MQ2i3jYOERmDxQr3alLT59Mme
FSh39DsaNA8zjS5byq0xp7ONGCdKuQ8X9FJlWqRiYd8puaGu71L+5YELbtHCJWNj
qjbKQGNbEjrs7nhCPiwayLA7D1QPHN0yoiPNYs04PHpWJC0EHHphhHsbfXZNZxkR
BGPBUNuQ/m3XbktuuWBigFpa2fMmKfHQ34vNlOo7Lo8VWyv1Ro8RXbGOn6rbVCsI
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 77940777493847465021764114764090094348
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO Domain Validation Legacy Server CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Legacy Multi-Domain SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl371658.cloudflaressl.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25070137778393536677534553840248673181137137740605093548151079141547117290990340321820553641858538533237007037722066134877763558817912867719986059915489232122384891760618138805206859279176280589073036066059087658059399936754632641892683572228663188534830804454760711210451771170665764900422717280670102867562197214015458483602712224590063337245747896437180813644654421392965947889197869921854058107848862612860777930637433953085704261227807884920836119415754827566614613225657057468829647915970099098754648693907165672247161683172108745142176368927509441073200069726146382499724924710249171509855774937866205848602819
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 998e0295c51e55227b87708b5e1c01c276c4aee8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6b75c76720346b0612911450e97044dbd906cc0e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca4.com/COMODODomainValidationLegacyServerCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca4.com/COMODODomainValidationLegacyServerCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca4.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (621 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl371658.cloudflaressl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.agn.com.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aspire2international.ac.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.azart.money'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.discoveryparts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ecoit.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.empowertexans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.guatemala.gob.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.heartsoul.me'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ideocial.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.intelelink.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kalafrosh.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.livwatches.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.presidencia.gob.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.scspr.gob.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tha.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.voterrecords.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watchesonnet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agn.com.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aspire2international.ac.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azart.money'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'discoveryparts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecoit.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'empowertexans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'guatemala.gob.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heartsoul.me'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ideocial.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intelelink.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kalafrosh.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'livwatches.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'presidencia.gob.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scspr.gob.gt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tha.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voterrecords.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'watchesonnet.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000163cc335cf200000403004730450220471800e0015c0090c9aaf6e7d11c4492445db172d7650c7c3da18aae4eb5ec62022100a550d393f80b4febfb900ebe58141011be8031a405db22fedc37a70bd652568a007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000163cc33689000000403004730450220670bbc9d3a95dd6f47fc13d036f6e40a7014ee9039fa77adeff30b5d8137d5a202210097c1705dda2881d377eeb1651a13631db642bafd1e71bebfac663fe4205b8d58
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0038524d5f60c8d22927023df43827eb8f09230cef6b201e0c7c38d2a3227030b5c9c79b3d6d32a8c265a85c8bdd3baf0dc9eb08626a482c856591f5b6c33fc603503625b80a5379cdd111c6f568c04427e11cc866d26bbedb1d1b1cbda9c1183c21774c338d79d1ee48b50c5bce90eef6747fdd702790491fe1ebb57d09b7fd5107ab83a82369943f8259861babe7c12f1f39dbd2aa8f15d9ede69eaabdb21f441022d8a86ffbf890b66ab1bc477a9fb6526fab3a53320f91905cd57813403e46e4ea3eb2693ed5e8163abfd24ba10ca12e817d4b2aee533e9fa167d7c76487b3e7077b15a647c2b75c777db921eb77c02bdcab174ff07ce7f327cb9bc3164014