mychart.primehealthcare.com

- Prime Healthcare Management, Inc. -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 01:6b:5f:fa:d9:37:10:c2:6d:d1:59:f2:8f:07:13:8b was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Prime Healthcare Management, Inc.

Organization: Prime Healthcare Management, Inc.
State / Province: California
Locality: Ontario
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 01:6b:5f:fa:d9:37:10:c2:6d:d1:59:f2:8f:07:13:8b
Serial Number (int): 1886750462825935099687209192812647307
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 68:05:e7:5b:7f:84:65:31:ec:04:b5:45:11:44:6a:09:2b:c8:5d:ee
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): 67:84:a5:76:8d:b4:45:d5:70:46:96:83:30:e5:dc:79:eb:be:46:1f
Fingerprint (sha256): 32:12:e2:04:42:e2:e6:79:93:d7:c0:0b:02:8f:6a:d8:1d:a2:c8:5c:b1:1e:b3:23:80:9d:27:3e:51:41:94:60

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate mychart.primehealthcare.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mychart.primehealthcare.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mychart.primehealthcare.com
www.mychart.primehealthcare.com

Other certificates including the domain name primehealthcare.com

(limited to 100 certificates)
*.primehealthcare.com
primehealthcare.com
primehealthcare.com
careers.primehealthcare.com
PHSEV01.PRIMEHEALTHCARE.COM
phsev04.primehealthcare.com
ps360.primehealthcare.com
www.primehealthcare.com
phsi.us
cs.primehealthcare.com
primehealthcare.com
*.primehealthcare.com
primehealthcare.com
helpdesk.warren-wilson.edu
*.primehealthcare.com
*.primehealthcare.com
CO-MOVITAUTO01P.phsi.primehealthcare.com
cardioserver.primehealthcare.com
zmail.primehealthcare.com
mychart.primehealthcare.com
*.primehealthcare.com
phsi-expwaye-cl.phsi.primehealthcare.com
webmail.primehealthcare.com
primehealthcare.com
primehealthcare.com
supportdesks.portland.ac.uk
*.phsi.primehealthcare.com
pmcportal.primehealthcare.com
epicsoapproxyprod.primehealthcare.com
helpdesk.warren-wilson.edu
servicedesk.primehealthcare.com
hpfweb.primehealthcare.com
mychart.primehealthcare.com
helpdesk.acpro.com
croh-xdr.primehealthcare.com
CO-MOVITXFER01P.phsi.primehealthcare.com
primehealthcare.com
primehealthcare.com
CO-SWMGTCON01P.phsi.primehealthcare.com
hpfweb.primehealthcare.com
helpdesk.warren-wilson.edu
epichswextprd.primehealthcare.com
primehealthcare.com
*.primehealthcare.com
hpfweb.primehealthcare.com
primehealthcare.com
co-vpn.primehealthcare.com
mrtxvdi.primehealthcare.com
gateway.primehealthcare.com
servicedesk.dai.co.uk
mychartpoc.phsi.primehealthcare.com
primehealthcare.com
phsivdi.primehealthcare.com
Smrmc-nxhie-prod.primehealthcare.com
eprescribingtest.primehealthcare.com
ps360a.primehealthcare.com
*.phsi.primehealthcare.com
apps.primehealthcare.com
epicsfdprod.primehealthcare.com
*.primehealthcare.com
*.primehealthcare.com
gateway.primehealthcare.com
epicsfdprod.primehealthcare.com
www.primehealthcare.com
careers.primehealthcare.com
executive.primehealthcare.com
ehp.primehealthcare.com
CO-MOVITAUTO01P.phsi.primehealthcare.com
primehealthcare.com
gateway-glen.primehealthcare.com
onbaseweb.primehealthcare.com
vpn.primehealthcare.com
phsi-expwaye.primehealthcare.com
*.primehealthcare.com
epicmblnonprod.phsi.primehealthcare.com
*.phsi.primehealthcare.com
citrix.primehealthcare.com
*.phsi.primehealthcare.com
*.primehealthcare.com
phsi.us
primehealthcare.com
gateway.primehealthcare.com
EpicSFDNonProd.primehealthcare.com
zmail.primehealthcare.com
co-vpn.primehealthcare.com
primehealthcare.com
patientportal-sjomo.primehealthcare.com
epichswexttst.primehealthcare.com
epicsfdprod.primehealthcare.com
epicsfdprod.primehealthcare.com
mobicontrol.phsi.primehealthcare.com
*.primehealthcare.com
mobicontrol.phsi.primehealthcare.com
phsivdi.primehealthcare.com
www.preplanbedell.com
primehealthcare.com
my.primehealthcare.com
mychart.primehealthcare.com
www.primehealthcare.com
*.primehealthcare.com

Certificate

The complete raw certificate details for mychart.primehealthcare.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIQAWtf+tk3EMJt0VnyjwcTizANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw
MTI1MDAwMDAwWhcNMjUwMjI0MjM1OTU5WjCBhjELMAkGA1UEBhMCVVMxEzARBgNV
BAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB09udGFyaW8xKjAoBgNVBAoTIVByaW1l
IEhlYWx0aGNhcmUgTWFuYWdlbWVudCwgSW5jLjEkMCIGA1UEAxMbbXljaGFydC5w
cmltZWhlYWx0aGNhcmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmBYbfMEP7f2PgAQryBQsjzUS1bzwHAxxDhFuHlhH79e6GkQl2XCMGs6rl/jQ
8qe/KcXKyBtOUvc64D2z99ZPX8uHdftc4smIO++JPYOO1rE8Gk9pXxOgcr/M9PdN
DLuDc39Q1Vi7L3+MyIQVs0ZA1d31ShF6Gst9YpgwsdEiD8d6jgkP2X7/3jHk9sYM
EOOc+Op0EL8fckRyF+/jAjsaNv0LDKphHFBjxnuSJl+wuLJGlOsL3uR7Tf/tXLRC
HVQXIEIm7j5eEpuYB+F7FQxnou0smDMENrD/LulhPtHpbuciQlW4xxMm8u41fO/O
47vVYo/wwaCv9VHX3DHO1iRm0QIDAQABo4IDuDCCA7QwHwYDVR0jBBgwFoAUdIWA
wGbH3zfez70pN6oDHb7tzRcwHQYDVR0OBBYEFGgF51t/hGUx7AS1RRFEagkryF3u
MEcGA1UdEQRAMD6CG215Y2hhcnQucHJpbWVoZWFsdGhjYXJlLmNvbYIfd3d3Lm15
Y2hhcnQucHJpbWVoZWFsdGhjYXJlLmNvbTA+BgNVHSAENzA1MDMGBmeBDAECAjAp
MCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0f
BIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH
bG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9j
cmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAy
MENBMS0xLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8v
b2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRp
Z2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0x
LmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgBO
daMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY1B78xcAAAEAwBHMEUC
IQCY/cbRcrbswANAab5CkQLLUxCthfOLD8fNucnFt8MrlgIgMyoFbGv6kTwiILib
5q2LL8lcwIRINFasOmIXrnpJ4LcAdQB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkD
L9kOjC55uAAAAY1B78wVAAAEAwBGMEQCIDKUPmimZXvRZs89Nbkzbz8E3rnQUK9K
t4SVr1CUo69HAiBTIprqhgoLDrS2hX/5wfw9cGx5OyysGr8YYntOid6wyQB3AObS
MWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABjUHvzFEAAAQDAEgwRgIh
APHKjaRRg4iXsWw9qNqHXDttTn/2+azQEfVNiC/O+21mAiEAuRS4ekzC+opAgFyI
5SIRebF79Ql5HGqXX+9TnbcWmMIwDQYJKoZIhvcNAQELBQADggEBAL6aTo14Lyxj
hutsekqSue5x4601E6wgMBDi0P+7m6J5pq1B9SAQ7A3fGjRT3d8G0Ntw7kRB8N77
j68BvBs1raop7xQ95A1I57jT5sS5vYhAT5wgmGJswwhmDENuVA8Axr/QfLwdHDCW
zdEBhGIWrzFcSFVV8GWPiu7iiK7FCRGyYIKNbuzYFsi8QxwqDxPWv+cuk68JVcPm
ojwORvFkgtyc6SuL56HQNjbU7cDiOL7wHFBJRNKKTMcNJC83gvS8n8HX2VyZ0z+j
MoqUHkic8eYMGxLjqxihCRCcD3bslM6bQvA3xaNR+UyEuOh0Qo3HTYAnWuyFjEex
92Z2942gub4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBYbfMEP7f2PgAQryBQs
jzUS1bzwHAxxDhFuHlhH79e6GkQl2XCMGs6rl/jQ8qe/KcXKyBtOUvc64D2z99ZP
X8uHdftc4smIO++JPYOO1rE8Gk9pXxOgcr/M9PdNDLuDc39Q1Vi7L3+MyIQVs0ZA
1d31ShF6Gst9YpgwsdEiD8d6jgkP2X7/3jHk9sYMEOOc+Op0EL8fckRyF+/jAjsa
Nv0LDKphHFBjxnuSJl+wuLJGlOsL3uR7Tf/tXLRCHVQXIEIm7j5eEpuYB+F7FQxn
ou0smDMENrD/LulhPtHpbuciQlW4xxMm8u41fO/O47vVYo/wwaCv9VHX3DHO1iRm
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1886750462825935099687209192812647307
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Prime Healthcare Management, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mychart.primehealthcare.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19199123906451731848164386852857775082638962746476603163898401083266432461971474035924865534357722964772826455170291381667807440250218255433610106779768778662471444147758479863290912721640775285610396686363925981268028535928487178652327890086568664484549087915237693940820910133308482989906618665411130563252756794349938894725967971339810459783146494452090633100979982881316704855836089437930737395122382631815195915838936542636947536836319526211316252973185308843858640033524669569575747029850889556136551698260948170768732527854022757225326577662532881892666455569188665011676709238511136996997103145126563011651281
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6805e75b7f846531ec04b54511446a092bc85dee
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mychart.primehealthcare.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mychart.primehealthcare.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d41efcc5c000004030047304502210098fdc6d172b6ecc0034069be429102cb5310ad85f38b0fc7cdb9c9c5b7c32b960220332a056c6bfa913c2220b89be6ad8b2fc95cc084483456ac3a6217ae7a49e0b70075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018d41efcc150000040300463044022032943e68a6657bd166cf3d35b9336f3f04deb9d050af4ab78495af5094a3af47022053229aea860a0b0eb4b6857ff9c1fc3d706c793b2cac1abf18627b4e89deb0c9007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018d41efcc510000040300483046022100f1ca8da451838897b16c3da8da875c3b6d4e7ff6f9acd011f54d882fcefb6d66022100b914b87a4cc2fa8a40805c88e5221179b17bf509791c6a975fef539db71698c2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00be9a4e8d782f2c6386eb6c7a4a92b9ee71e3ad3513ac203010e2d0ffbb9ba279a6ad41f52010ec0ddf1a3453dddf06d0db70ee4441f0defb8faf01bc1b35adaa29ef143de40d48e7b8d3e6c4b9bd88404f9c2098626cc308660c436e540f00c6bfd07cbc1d1c3096cdd101846216af315c485555f0658f8aeee288aec50911b260828d6eecd816c8bc431c2a0f13d6bfe72e93af0955c3e6a23c0e46f16482dc9ce92b8be7a1d03636d4edc0e238bef01c504944d28a4cc70d242f3782f4bc9fc1d7d95c99d33fa3328a941e489cf1e60c1b12e3ab18a109109c0f76ec94ce9b42f037c5a351f94c84b8e874428dc74d80275aec858c47b1f76676f78da0b9be