app.riffstash.com
Issued by COMODO RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number fd:4c:59:a1:11:98:0b:ed:cd:74:8a:f4:ea:91:ef:0d was issued on by COMODO CA Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=app.riffstash.com,OU=Domain Control Validated+OU=PositiveSSL
COMODO CA Limited
Organization:
COMODO CA Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): fd:4c:59:a1:11:98:0b:ed:cd:74:8a:f4:ea:91:ef:0dSerial Number (int): 336691115390466310763916145335611813645
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 80:90:f5:08:49:02:f2:91:ac:9c:58:00:b5:5a:6a:bf:69:bd:75:c4
AuthorityKeyId: 90:af:6a:3a:94:5a:0b:d8:90:ea:12:56:73:df:43:b4:3a:28:da:e7
Fingerprint (sha1): d9:3f:07:10:5d:7d:1a:1d:2c:b6:16:a3:e3:43:0f:2b:94:cf:09:d1
Fingerprint (sha256): 34:f3:ba:e1:bb:98:f2:a1:02:31:90:29:a4:fc:b0:8d:4e:28:69:d9:67:ef:5b:0e:9c:5a:10:0f:9f:92:3e:f8
Issuing Certificate URL: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.comodoca.comCRL Distribution Point: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
Check the revocation status for certificate app.riffstash.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for app.riffstash.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
app.riffstash.com
www.app.riffstash.com
www.app.riffstash.com
Other certificates including the domain name riffstash.com
(limited to 100 certificates)
testwww.interplay.io
ngo.costalab.net
old.insideskeleton.com
staging--links.pkgx.io
riffstash.com
rcloudsoft.app
www.trepez.com
www.thecollectivemind.co
www.riffstash.com
rcloudsoft.app
app.riffstash.com
www.dpa8600.nkportfolio.com
depwaguinhoanabal.nerit.app
jamieandlee.com
app.riffstash.com
www.naturalhealingspa.co.uk
www.hextech.tools
biryanico.co.in
ngo.costalab.net
www.techneticconsult.com
aristoc.ug
www.trepez.com
riffstash.com
app.cavio.io
kabea.co
listen.riffstash.com
directory.toothpicstaging.com
mdndeveloper.com
www.rgvstorage.net
app.riffstash.com
www.lesrouq.com
www.sebblessing.de
theastrology.app
beta.finishes.app
dodraseva.com
riffstash.com
app.riffstash.com
riffstash.com
dapple.app
battlefit.app
sparks.ee
depwaguinhoanabal.nerit.app
directory.toothpicstaging.com
kabea.co
app.cavio.io
www.riffstash.com
www.kobayuto.com
www.rgvstorage.net
www.ygorduraes.com
livechat-dev.getfriday.ai
ktimes.app
authorization.firenotes.gocloud.link
amanjamin.com
www.doubleshotblog.com
admin.artiful.de
destination.lonestaraviators.com
verify.ratingit.app
livechat-dev.getfriday.ai
prod-app.fipresta.mx
reprintapp.com
dash.bash.social
www.prealyse.com
ngo.costalab.net
old.insideskeleton.com
staging--links.pkgx.io
riffstash.com
rcloudsoft.app
www.trepez.com
www.thecollectivemind.co
www.riffstash.com
rcloudsoft.app
app.riffstash.com
www.dpa8600.nkportfolio.com
depwaguinhoanabal.nerit.app
jamieandlee.com
app.riffstash.com
www.naturalhealingspa.co.uk
www.hextech.tools
biryanico.co.in
ngo.costalab.net
www.techneticconsult.com
aristoc.ug
www.trepez.com
riffstash.com
app.cavio.io
kabea.co
listen.riffstash.com
directory.toothpicstaging.com
mdndeveloper.com
www.rgvstorage.net
app.riffstash.com
www.lesrouq.com
www.sebblessing.de
theastrology.app
beta.finishes.app
dodraseva.com
riffstash.com
app.riffstash.com
riffstash.com
dapple.app
battlefit.app
sparks.ee
depwaguinhoanabal.nerit.app
directory.toothpicstaging.com
kabea.co
app.cavio.io
www.riffstash.com
www.kobayuto.com
www.rgvstorage.net
www.ygorduraes.com
livechat-dev.getfriday.ai
ktimes.app
authorization.firenotes.gocloud.link
amanjamin.com
www.doubleshotblog.com
admin.artiful.de
destination.lonestaraviators.com
verify.ratingit.app
livechat-dev.getfriday.ai
prod-app.fipresta.mx
reprintapp.com
dash.bash.social
www.prealyse.com
Certificate
The complete raw certificate details for app.riffstash.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFWDCCBECgAwIBAgIRAP1MWaERmAvtzXSK9OqR7w0wDQYJKoZIhvcNAQELBQAw gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg Q0EwHhcNMTYwOTE3MDAwMDAwWhcNMTcwOTI5MjM1OTU5WjBVMSEwHwYDVQQLExhE b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRow GAYDVQQDExFhcHAucmlmZnN0YXNoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALJdGsVbZhkowDdresQRRk/qTxlZobpHXOm0ySeeJIvvlBsG2Fb4 Wj6Tkm4d/+GqxxwTQG5QZhiikDb3QFvR4W2VIkDjpR0jVXW0YSKqBZL6ObFiIDm/ RA+VmOgd66X5MjdkJPsXycehNjuDkXKvY5SGNNg3b8IIv4QkUcXPMeEA0vntLDzT U/FLHnp6Ue30ZWYauw5R6G5jrV0Hnn/8FenLjzIqSLd4vmuqRoW+B5aKqulNbL7d CDxWjYot9YbQrO1uHzSLGfGhwaHAo8FflFIRapJM7i5ejkGlF6LpDPj3lv1WqQ2k YS6eqRIEeNVudJ+IiZiUgUxv8/qfofUhX2MCAwEAAaOCAeUwggHhMB8GA1UdIwQY MBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBSAkPUISQLykaycWAC1 Wmq/ab11xDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQICBzAr MCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZn gQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5jb20v Q09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhQYI KwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2NhLmNv bS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQG CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wMwYDVR0RBCwwKoIR YXBwLnJpZmZzdGFzaC5jb22CFXd3dy5hcHAucmlmZnN0YXNoLmNvbTANBgkqhkiG 9w0BAQsFAAOCAQEAhScf8zJQrHa/36zaT1eSjZ6R7djv+qokVl/eXt5kDCvjhuiI ytTd8oKX1jYNDHLLB5QPJOXvAZjtKiEfNFxqFWFemOab+goOPDfVYLwt6pUN4G4k tvls+kgLrm5QOLlkOLUKh9OkwmP1w7xdbv8J0fPlnjkN4O2r7HHQ8hG2MdSOQHgh FVTJmX0fwTM4G5+QJg7VD9waYzYVrAWd9ANLQVaCwQYZ6OFGbx9pd4R8HYVd58hg tiXrWEeldrvGPkftgfKfifCAu/Z5Tn7UUW52rS0UBOw5Xs0e0XElCbbMx0bP5WK4 09M9dH2NFAXfh+WUy3Def+vmK/iI26MYMSiFmw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl0axVtmGSjAN2t6xBFG T+pPGVmhukdc6bTJJ54ki++UGwbYVvhaPpOSbh3/4arHHBNAblBmGKKQNvdAW9Hh bZUiQOOlHSNVdbRhIqoFkvo5sWIgOb9ED5WY6B3rpfkyN2Qk+xfJx6E2O4ORcq9j lIY02Ddvwgi/hCRRxc8x4QDS+e0sPNNT8UseenpR7fRlZhq7DlHobmOtXQeef/wV 6cuPMipIt3i+a6pGhb4Hloqq6U1svt0IPFaNii31htCs7W4fNIsZ8aHBocCjwV+U UhFqkkzuLl6OQaUXoukM+PeW/VapDaRhLp6pEgR41W50n4iJmJSBTG/z+p+h9SFf YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336691115390466310763916145335611813645 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'app.riffstash.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22516329860510834368783578117421074438580167811181604671455312094556366652766853899622989825341674815814670130075824459397405449521247307646725062575618707083339329557800369813586167342068077240674996639955500478124454402900628013443797975565721909769241948105795137956159331777155347294366860298904160633966232851209853291136443976361694680337582387651487086412974124193887158269546129926249241263322728964125750661099425269150265465142815373626644136075279739695443709689724038355898283641047277949680109145359561064857400642081328800926702108176074577195908505151339963679167549029146655685008591207111138432081763 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 90af6a3a945a0bd890ea125673df43b43a28dae7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8090f5084902f291ac9c5800b55a6abf69bd75c4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.riffstash.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.app.riffstash.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0085271ff33250ac76bfdfacda4f57928d9e91edd8effaaa24565fde5ede640c2be386e888cad4ddf28297d6360d0c72cb07940f24e5ef0198ed2a211f345c6a15615e98e69bfa0a0e3c37d560bc2dea950de06e24b6f96cfa480bae6e5038b96438b50a87d3a4c263f5c3bc5d6eff09d1f3e59e390de0edabec71d0f211b631d48e4078211554c9997d1fc133381b9f90260ed50fdc1a633615ac059df4034b415682c10619e8e1466f1f6977847c1d855de7c860b625eb5847a576bbc63e47ed81f29f89f080bbf6794e7ed4516e76ad2d1404ec395ecd1ed1712509b6ccc746cfe562b8d3d33d747d8d1405df87e594cb70de7febe62bf888dba3183128859b