firstniagara.com
- Key Bank -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 04:19:79:e3:66:1c:87:6a:26:24:79:ef:06:eb:76:93 was issued on by DigiCert Inc.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Key Bank
Organization:
Key Bank
State / Province:
Ohio
Locality: Cleveland
Country: US
Locality: Cleveland
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:19:79:e3:66:1c:87:6a:26:24:79:ef:06:eb:76:93Serial Number (int): 5449191592559927174759343583493060243
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 18:bb:eb:f6:90:3f:12:91:61:06:20:7f:e1:ac:68:1b:06:c4:01:61
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): a5:e4:38:e4:3f:bf:8c:ca:ab:d9:de:ef:94:c2:c9:aa:2b:07:c5:dc
Fingerprint (sha256): 31:07:c3:46:f6:7c:a5:73:07:d6:19:ea:34:50:95:bf:3d:99:48:6a:80:c3:10:1a:c9:15:03:52:46:c2:1c:0c
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-2.crl
Check the revocation status for certificate firstniagara.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for firstniagara.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
firstniagara.com
fnfg.com
www.fnfg.com
www.firstniagara.com
www.temp.firstniagara.com
temp.firstniagara.com
fnfg.com
www.fnfg.com
www.firstniagara.com
www.temp.firstniagara.com
temp.firstniagara.com
Other certificates including the domain name firstniagara.com
(limited to 100 certificates)
Onlinebanking.FirstNiagara.com
cmm.firstniagara.com
firstniagara.com
qa-bolbwpl.fnfg.com
ebenefitsbilling.firstniagara.com
www.firstniagara.com
ebenefitsbilling.firstniagara.com
firstniagara.com
firstniagara.com
firstniagara.com
mft.firstniagara.com
fundstransfer.firstniagara.com
myfilegateway.firstniagara.com
firstniagara.keybank.com
firstniagara.com
firstniagara.com
firstniagara.com
apply.firstniagara.com
stage2.firstniagara.com
firstniagara.com
ebenefitsbilling.firstniagara.com
abl.firstniagara.com
stage2.firstniagara.com
www.firstniagara.com
mobile.firstniagara.com
www.firstniagara.com
firstniagara.com
firstniagara.com
mobile.firstniagara.com
richchannel02.firstniagara.com
dmyfilegateway.firstniagara.com
onlineservices.firstniagara.com
firstniagara.com
myfilegateway.firstniagara.com
abl.firstniagara.com
mobile.firstniagara.com
test-fundstransfer.firstniagara.com
abl.firstniagara.com
apply.firstniagara.com
richchannel02.firstniagara.com
richchannel02.firstniagara.com
firstniagara.com
abl.firstniagara.com
abl.firstniagara.com
qmyfilegateway.firstniagara.com
cmm.firstniagara.com
firstniagara.com
qa-bolbwpl.fnfg.com
ebenefitsbilling.firstniagara.com
www.firstniagara.com
ebenefitsbilling.firstniagara.com
firstniagara.com
firstniagara.com
firstniagara.com
mft.firstniagara.com
fundstransfer.firstniagara.com
myfilegateway.firstniagara.com
firstniagara.keybank.com
firstniagara.com
firstniagara.com
firstniagara.com
apply.firstniagara.com
stage2.firstniagara.com
firstniagara.com
ebenefitsbilling.firstniagara.com
abl.firstniagara.com
stage2.firstniagara.com
www.firstniagara.com
mobile.firstniagara.com
www.firstniagara.com
firstniagara.com
firstniagara.com
mobile.firstniagara.com
richchannel02.firstniagara.com
dmyfilegateway.firstniagara.com
onlineservices.firstniagara.com
firstniagara.com
myfilegateway.firstniagara.com
abl.firstniagara.com
mobile.firstniagara.com
test-fundstransfer.firstniagara.com
abl.firstniagara.com
apply.firstniagara.com
richchannel02.firstniagara.com
richchannel02.firstniagara.com
firstniagara.com
abl.firstniagara.com
abl.firstniagara.com
qmyfilegateway.firstniagara.com
Certificate
The complete raw certificate details for firstniagara.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHLjCCBhagAwIBAgIQBBl542Ych2omJHnvBut2kzANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx MTI3MDAwMDAwWhcNMjQxMjExMjM1OTU5WjBeMQswCQYDVQQGEwJVUzENMAsGA1UE CBMET2hpbzESMBAGA1UEBxMJQ2xldmVsYW5kMREwDwYDVQQKEwhLZXkgQmFuazEZ MBcGA1UEAxMQZmlyc3RuaWFnYXJhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAIqovx8jxm/zgKaZjSrA/vIvyVBTHQkzAXnNGI0aHLIR3WT5taVQ S4s8mMlfEAPdd4g2pU0rkBKPlTNNnxkSbzXp7uykwjXwOsF55lb7xciJXrwZtHCv K/7Y75/nUEI62zZJ82gBca/2haA0/HTxMbEW1hRwQOqBtN7w5gIed0C+tNmp0yR0 Y+5fSqXbnObmozBJxQEweTMKJtRVwSh2ifOk0WZlrW1VRnEl56206VgsI86NTPla Pj2kCVP0YnvqE+NS3o6+ZxqadlDxnHMA9q3uXY3LoyLeSHGARA3YK+GgMkci5KLJ WSsZOChghGF5hM0JOIM5MM0dVkbCBqhlR/0CAwEAAaOCA+swggPnMB8GA1UdIwQY MBaAFHSFgMBmx9833s+9KTeqAx2+7c0XMB0GA1UdDgQWBBQYu+v2kD8SkWEGIH/h rGgbBsQBYTB7BgNVHREEdDByghBmaXJzdG5pYWdhcmEuY29tgghmbmZnLmNvbYIM d3d3LmZuZmcuY29tghR3d3cuZmlyc3RuaWFnYXJhLmNvbYIZd3d3LnRlbXAuZmly c3RuaWFnYXJhLmNvbYIVdGVtcC5maXJzdG5pYWdhcmEuY29tMD4GA1UdIAQ3MDUw MwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv bS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0yLmNybDBIoEag RIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNS U0FTSEEyNTYyMDIwQ0ExLTIuY3JsMIGFBggrBgEFBQcBAQR5MHcwJAYIKwYBBQUH MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBPBggrBgEFBQcwAoZDaHR0cDov L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEy NTYyMDIwQ0ExLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8E ggFrAWkAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYwRF3hL AAAEAwBHMEUCIQDtFg4MqiF6gucXAs7dWXSqS63VAV8C3CvWVGkbXE4iuQIgFjub uF/u015C13InR1dpZvMTL2vmuUpYh0CQmzzuuB4AdgBIsONr2qZHNA/lagL6nTDr HFIBy1bdLIHZu7+rOdiEcwAAAYwRF3fWAAAEAwBHMEUCIASDEU3EV24vlBqqvs2c bCE5WgwWEwwUaKLOp36f+aFGAiEAsAPB+UkdRgg36NRDN5l9EAe4YFMy3LBny0Ke 2+TJXZAAdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYwRF3fa AAAEAwBIMEYCIQC9mjcizijl9yhzHw/ELX1qoaQwcuz4gi5b0s2sGL2ebgIhAP2m L3MRNrQmgHXvs2g2I+hYE2HaDk0OFafevGLNIFEkMA0GCSqGSIb3DQEBCwUAA4IB AQASdZqgSDFiTbsaCuoljlsVFdFDJ6OG+JWp9KBLBDzb/5UMPzdIPR+E76bgQ1+o 9lRjpZMMvxMu4geCR7vXeZ71EbBR0YK0QQkXBfOn7v2rGrAbHywo2+x1rm+b0jdc A4Sp8NDzPTRpCYdf5Kni7mTw5947zjPT/GDCaz+YDe1eih4b4o7AEd0dOqSuzUiL EXMIir7qxvkhlS8R5BA0M0K+sdw2qaH4mnEH+mqIkF43Sw/Jzfq2SwxT0QAZldOO UtErRHL8dQZ9v1loYLK+wqCotr6BdI56pWSRvlmo70sl6Rmj/CuF0uQ6YEWwWa13 vPAxAnp3R7Sfgj09mu6fJhqw -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqi/HyPGb/OAppmNKsD+ 8i/JUFMdCTMBec0YjRocshHdZPm1pVBLizyYyV8QA913iDalTSuQEo+VM02fGRJv Nenu7KTCNfA6wXnmVvvFyIlevBm0cK8r/tjvn+dQQjrbNknzaAFxr/aFoDT8dPEx sRbWFHBA6oG03vDmAh53QL602anTJHRj7l9Kpduc5uajMEnFATB5Mwom1FXBKHaJ 86TRZmWtbVVGcSXnrbTpWCwjzo1M+Vo+PaQJU/Rie+oT41Lejr5nGpp2UPGccwD2 re5djcujIt5IcYBEDdgr4aAyRyLkoslZKxk4KGCEYXmEzQk4gzkwzR1WRsIGqGVH /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5449191592559927174759343583493060243 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cleveland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Key Bank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firstniagara.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17504098119798056369726116911451333187999745260263469282663067087401823242111155222726336996827087789550673576069661680671773012760847088015374056997775474399196700108530269890537804403407297123256196281859080516231830763592988023027921318760337503535105931733511375752065716206008303315052167188598313837829026573027610517894731255585089568975329862914861908738901478288135378317539973117910520602705304656422511680576227346456712713199659953143404214751363103697806175271097973339524548849664375502885851324168645723698573790497701904810211884165584763392823090044342851874928804675341376989321402700750288289351677 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 18bbebf6903f12916106207fe1ac681b06c40161 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fnfg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fnfg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.temp.firstniagara.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'temp.firstniagara.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c1117784b0000040300473045022100ed160e0caa217a82e71702cedd5974aa4badd5015f02dc2bd654691b5c4e22b90220163b9bb85feed35e42d7722747576966f3132f6be6b94a588740909b3ceeb81e00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c111777d6000004030047304502200483114dc4576e2f941aaabecd9c6c21395a0c16130c1468a2cea77e9ff9a146022100b003c1f9491d460837e8d44337997d1007b8605332dcb067cb429edbe4c95d90007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c111777da0000040300483046022100bd9a3722ce28e5f728731f0fc42d7d6aa1a43072ecf8822e5bd2cdac18bd9e6e022100fda62f731136b4268075efb3683623e8581361da0e4d0e15a7debc62cd205124 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0012759aa04831624dbb1a0aea258e5b1515d14327a386f895a9f4a04b043cdbff950c3f37483d1f84efa6e0435fa8f65463a5930cbf132ee2078247bbd7799ef511b051d182b441091705f3a7eefdab1ab01b1f2c28dbec75ae6f9bd2375c0384a9f0d0f33d346909875fe4a9e2ee64f0e7de3bce33d3fc60c26b3f980ded5e8a1e1be28ec011dd1d3aa4aecd488b1173088abeeac6f921952f11e410343342beb1dc36a9a1f89a7107fa6a88905e374b0fc9cdfab64b0c53d1001995d38e52d12b4472fc75067dbf596860b2bec2a0a8b6be81748e7aa56491be59a8ef4b25e919a3fc2b85d2e43a6045b059ad77bcf031027a7747b49f823d3d9aee9f261ab0