securessl-eu.tessituranetworkhost.com

Issued by Starfield Secure Certificate Authority - G2

About this certificate

This digital certificate with serial number cd:10:67:68:e3:dc:19:4e was issued on by Starfield Technologies, Inc..

With 28 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=securessl-eu.tessituranetworkhost.com,OU=Domain Control Validated

Starfield Technologies, Inc.

Organization: Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): cd:10:67:68:e3:dc:19:4e
Serial Number (int): 14776424077599709518
Serial Number lenght: 64 bits, 8 octets

SubjectKeyId: 7a:aa:26:46:ba:2f:dd:de:57:34:79:97:79:5e:f6:01:f9:80:16:9b
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63

Fingerprint (sha1): 93:9f:c4:1c:97:21:de:27:74:bb:6c:4c:f0:97:d9:63:c7:1d:47:0c
Fingerprint (sha256): 32:0b:ba:ca:90:24:8e:f0:67:d2:66:c9:0b:9b:6a:af:37:00:69:64:8d:89:79:ed:8f:f5:4f:18:3d:c8:d7:80

Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt

Revocation information

OCSP Server: http://ocsp.starfieldtech.com/
CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-30.crl

Check the revocation status for certificate securessl-eu.tessituranetworkhost.com

28

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for securessl-eu.tessituranetworkhost.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

securessl-eu.tessituranetworkhost.com
www.securessl-eu.tessituranetworkhost.com
booking.garsingtonopera.org
tickets.rncm.ac.uk
tickets.bclm.com
my.npg.org.uk
ticketing.greenwichtheatre.org.uk
tickets.glasgowconcerthalls.com
tickets.festivalofvoice.wales
booking.abbeytheatre.ie
tickets.bridgewater-hall.co.uk
tickets.everymanplayhouse.com
tickets.trch.co.uk
tickets.yorkbarbican.co.uk
tickets.errolflynnfilmhouse.com
tickets.royalandderngate.co.uk
basket.scottishballet.co.uk
ticketing.grangeparkopera.co.uk
bookings.birminghamhippodrome.com
bookings.royalexchange.co.uk
tickets.scunthorpetheatres.co.uk
my.nottinghamplayhouse.co.uk
tnew.theatreroyal.co.uk
tickets.thecorecorby.com
bookings.operahollandpark.com
tickets.lakesidearts.org.uk
ticketing.almeida.co.uk
my.sciencemuseum.org.uk

Other certificates including the domain name tessituranetworkhost.com

(limited to 100 certificates)
securessl-pst1.tessituranetworkhost.com
incapsula.com
securessl-eu.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-mst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
sdna-paloapp.tessituranetworkramp.com
securessl-cst1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-mst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
*.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-mst1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-ap.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-mst1.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-est2.tessituranetworkhost.com
securessl-pst1.tessituranetworkhost.com
securessl-eu.tessituranetworkhost.com
securessl-cst1.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com
securessl-est1.tessituranetworkhost.com

Certificate

The complete raw certificate details for securessl-eu.tessituranetworkhost.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIiTCCB3GgAwIBAgIJAM0QZ2jj3BlOMA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq
aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD
VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
MB4XDTE2MDYyMDE3MDMzOFoXDTE2MDkwMzIxNTUzOFowUzEhMB8GA1UECxMYRG9t
YWluIENvbnRyb2wgVmFsaWRhdGVkMS4wLAYDVQQDEyVzZWN1cmVzc2wtZXUudGVz
c2l0dXJhbmV0d29ya2hvc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhxCqk6Pfr1fH66lNYiJtIOKqpeSF2JcO/2HQz8IdydSfw1S9RDkMFF1
fdHfSj9hg1CkcYAoJVHgK6YACWUmmizbvvdJu5MGBWzpOn/Fr98cwqt2TX16NcZb
0DAA4vKfd3Lo9YKoiIuWH0Wurv5ZaTus4+y264ZbGJLngGQPEGO47KI8cOnHHGgv
Tl1Btmig3pilfRfU3qSX8D6aR4MJuZS3jA08f/wZ9Tip93JW9FSYAg5b/mH1hC8K
oDKRX8w+5Ff4vY5e8iNjosf+EC3FiVBEJg13FSLryvKXGqi3OPutPv0sRqEF0CnN
AhQsfGdmZUuEwJVlzHbY4fJ536i++QIDAQABo4IE6jCCBOYwDAYDVR0TAQH/BAIw
ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWg
MDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuc3RhcmZpZWxkdGVjaC5jb20v
c2ZpZzJzMS0zMC5jcmwwYwYDVR0gBFwwWjBOBgtghkgBhv1uAQcXATA/MD0GCCsG
AQUFBwIBFjFodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3Jl
cG9zaXRvcnkvMAgGBmeBDAECATCBggYIKwYBBQUHAQEEdjB0MCoGCCsGAQUFBzAB
hh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbS8wRgYIKwYBBQUHMAKGOmh0
dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS9z
ZmlnMi5jcnQwHwYDVR0jBBgwFoAUJUWBaFAmOD07LSy+zWrZtj2zZmMwggM9BgNV
HREEggM0MIIDMIIlc2VjdXJlc3NsLWV1LnRlc3NpdHVyYW5ldHdvcmtob3N0LmNv
bYIpd3d3LnNlY3VyZXNzbC1ldS50ZXNzaXR1cmFuZXR3b3JraG9zdC5jb22CG2Jv
b2tpbmcuZ2Fyc2luZ3Rvbm9wZXJhLm9yZ4ISdGlja2V0cy5ybmNtLmFjLnVrghB0
aWNrZXRzLmJjbG0uY29tgg1teS5ucGcub3JnLnVrgiF0aWNrZXRpbmcuZ3JlZW53
aWNodGhlYXRyZS5vcmcudWuCH3RpY2tldHMuZ2xhc2dvd2NvbmNlcnRoYWxscy5j
b22CHXRpY2tldHMuZmVzdGl2YWxvZnZvaWNlLndhbGVzghdib29raW5nLmFiYmV5
dGhlYXRyZS5pZYIedGlja2V0cy5icmlkZ2V3YXRlci1oYWxsLmNvLnVrgh10aWNr
ZXRzLmV2ZXJ5bWFucGxheWhvdXNlLmNvbYISdGlja2V0cy50cmNoLmNvLnVrghp0
aWNrZXRzLnlvcmtiYXJiaWNhbi5jby51a4IfdGlja2V0cy5lcnJvbGZseW5uZmls
bWhvdXNlLmNvbYIedGlja2V0cy5yb3lhbGFuZGRlcm5nYXRlLmNvLnVrghtiYXNr
ZXQuc2NvdHRpc2hiYWxsZXQuY28udWuCH3RpY2tldGluZy5ncmFuZ2VwYXJrb3Bl
cmEuY28udWuCIWJvb2tpbmdzLmJpcm1pbmdoYW1oaXBwb2Ryb21lLmNvbYIcYm9v
a2luZ3Mucm95YWxleGNoYW5nZS5jby51a4IgdGlja2V0cy5zY3VudGhvcnBldGhl
YXRyZXMuY28udWuCHG15Lm5vdHRpbmdoYW1wbGF5aG91c2UuY28udWuCF3RuZXcu
dGhlYXRyZXJveWFsLmNvLnVrghh0aWNrZXRzLnRoZWNvcmVjb3JieS5jb22CHWJv
b2tpbmdzLm9wZXJhaG9sbGFuZHBhcmsuY29tght0aWNrZXRzLmxha2VzaWRlYXJ0
cy5vcmcudWuCF3RpY2tldGluZy5hbG1laWRhLmNvLnVrghdteS5zY2llbmNlbXVz
ZXVtLm9yZy51azAdBgNVHQ4EFgQUeqomRrov3d5XNHmXeV72AfmAFpswDQYJKoZI
hvcNAQELBQADggEBAEFojn8ATwsw/I2VAC1Uuz++tDr81dxjKhRu/ylx29+hYdPU
4ft5JTNtMz9hv8S9rE/x52w+EHFty9OvqPU/R7ZlvcIHwVuJZNqgWVi2il2bU4wP
dvhcL79+XweMa2T5/jNYRdH+D7v9NAJxfzDjLNXAFyVSp7EbGPTxCh/7SmeOPEGI
oZ4pYHK0+Np0alJofZP1KNTjPEPkU6mNHe3hE+iipwv4JTiKxEk2PgSUO78x42Wy
t8I9Axugc/sATC6BIxFJq26eDaOajw7gqNtyFMx+ozEdsfs1SvqUHxA4GVaEq7L+
3aPtEl5HvnwtUN5ghTWcd9OQPimuP6wqXPHG5Hw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhxCqk6Pfr1fH66lNYiJ
tIOKqpeSF2JcO/2HQz8IdydSfw1S9RDkMFF1fdHfSj9hg1CkcYAoJVHgK6YACWUm
mizbvvdJu5MGBWzpOn/Fr98cwqt2TX16NcZb0DAA4vKfd3Lo9YKoiIuWH0Wurv5Z
aTus4+y264ZbGJLngGQPEGO47KI8cOnHHGgvTl1Btmig3pilfRfU3qSX8D6aR4MJ
uZS3jA08f/wZ9Tip93JW9FSYAg5b/mH1hC8KoDKRX8w+5Ff4vY5e8iNjosf+EC3F
iVBEJg13FSLryvKXGqi3OPutPv0sRqEF0CnNAhQsfGdmZUuEwJVlzHbY4fJ536i+
+QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14776424077599709518
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-20 17:03:38 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-03 21:55:38 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'securessl-eu.tessituranetworkhost.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25514073331286779601899354355730808459645268477189321952176761561846481246294623554971969879250846165824350308823480244561343364815979843632688017556106966876185747764720840287766101487652707178267218587052739056558750788222579796067227503075503761750139767953651873431525051738990542216066840339766281413744951167390923729902977249852056275854912594939566823740278746181314717660296514115303442854386043291761282996954001134009816688003316330458325748230874910848054987704043629004845728282517520022428788095504804843038514350607156255369356994793755970716801500532868336086214501305041529710054479902783642358300409
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-30.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (820 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securessl-eu.tessituranetworkhost.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.securessl-eu.tessituranetworkhost.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'booking.garsingtonopera.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.rncm.ac.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.bclm.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.npg.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketing.greenwichtheatre.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.glasgowconcerthalls.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.festivalofvoice.wales'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'booking.abbeytheatre.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.bridgewater-hall.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.everymanplayhouse.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.trch.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.yorkbarbican.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.errolflynnfilmhouse.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.royalandderngate.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'basket.scottishballet.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketing.grangeparkopera.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookings.birminghamhippodrome.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookings.royalexchange.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.scunthorpetheatres.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.nottinghamplayhouse.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tnew.theatreroyal.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.thecorecorby.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookings.operahollandpark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.lakesidearts.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketing.almeida.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.sciencemuseum.org.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7aaa2646ba2fddde57347997795ef601f980169b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0041688e7f004f0b30fc8d95002d54bb3fbeb43afcd5dc632a146eff2971dbdfa161d3d4e1fb7925336d333f61bfc4bdac4ff1e76c3e10716dcbd3afa8f53f47b665bdc207c15b8964daa05958b68a5d9b538c0f76f85c2fbf7e5f078c6b64f9fe335845d1fe0fbbfd3402717f30e32cd5c0172552a7b11b18f4f10a1ffb4a678e3c4188a19e296072b4f8da746a52687d93f528d4e33c43e453a98d1dede113e8a2a70bf825388ac449363e04943bbf31e365b2b7c23d031ba073fb004c2e81231149ab6e9e0da39a8f0ee0a8db7214cc7ea3311db1fb354afa941f1038195684abb2fedda3ed125e47be7c2d50de6085359c77d3903e29ae3fac2a5cf1c6e47c