*.canopytax.com

- Canopy Tax, Inc. -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0c:63:01:c3:bb:73:34:17:ce:38:c3:2f:7f:a2:a0:f1 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Canopy Tax, Inc.

Organization: Canopy Tax, Inc.
State / Province: Utah
Locality: Lehi
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:63:01:c3:bb:73:34:17:ce:38:c3:2f:7f:a2:a0:f1
Serial Number (int): 16464809128328201651325733251055788273
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b4:04:cf:33:f5:ac:3e:9d:65:77:ec:01:f5:37:2e:ab:68:30:25:4f
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): b6:84:40:19:5f:cc:5b:27:d1:13:10:d5:35:96:81:80:a0:0c:62:36
Fingerprint (sha256): 35:c9:81:df:d2:52:b0:3c:92:30:bd:a5:76:8f:fb:c3:2f:56:c1:d7:ca:e1:69:5b:e1:75:42:65:21:e4:62:d7

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g4.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g4.crl

Check the revocation status for certificate *.canopytax.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.canopytax.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.canopytax.com
canopytax.com

Other certificates including the domain name canopytax.com

(limited to 100 certificates)
analytics.canopytax.com
nagrady.by
us.canopytax.com
sentry.canopytax.com
nagrady.by
tezaaa.com
learnmore.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
us.canopytax.com
lifeskills.ai
secure0065.hubspot.com
*.canopytax.com
us.canopytax.com
secure0065.hubspot.com
us.canopytax.com
sentry.canopytax.com
*.canopytax.com
secure0065.hubspot.com
*.canopytax.com
learnmore.canopytax.com
giftdibs.com
secure0065.hubspot.com
sentry.canopytax.com
secure0065.hubspot.com
www.canopytax.com
sentry.canopytax.com
*.canopytax.com
nithyananda.cc
*.canopytax.com
*.canopytax.com
community.canopytax.com
dev.arcs.app
www.lisbellanoivas.com.br
vanilla.canopytax.com
opencourse.canopytax.com
www.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
opencourse.canopytax.com
insights.canopytax.com
secure0065.hubspot.com
postrobcore.net
ttone.thic.cf
*.canopytax.com
*.canopytax.com
academy.canopytax.com
www.abitwiser.app
secure0065.hubspot.com
opencourse.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
www.spoice.app
vicevi.app
mobileapp.canopytax.com
kartsyapp.com
*.canopytax.com
willhackforgood.org
secure0065.hubspot.com
sentry.canopytax.com
secure0065.hubspot.com
auth.somewear.co
sentry.canopytax.com
sentry.canopytax.com
community.canopytax.com
sentry.canopytax.com
sentry.canopytax.com
canopytax.com
secure0065.hubspot.com
sportytrip.com
sso.canopytax.com
sme.canopytax.com
manage.wrappo.com.au
community.canopytax.com
learnmore.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
veedvault.com
canopytax.com
atela.net
forms.coreograph.app
us.canopytax.com
postmortemstories.tk
opencourse.canopytax.com
govops.canopytax.com
www.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
animetrending.org
*.canopytax.com
community.canopytax.com
sentry.canopytax.com
web.seremy.it
academy.canopytax.com
sentry.canopytax.com
academy.canopytax.com
sentry.canopytax.com
invite.tsu.social
sentry.canopytax.com
academy.canopytax.com

Certificate

The complete raw certificate details for *.canopytax.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIQDGMBw7tzNBfOOMMvf6Kg8TANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTUwNTA3MDAwMDAwWhcN
MTcwNzA2MTIwMDAwWjBgMQswCQYDVQQGEwJVUzENMAsGA1UECBMEVXRhaDENMAsG
A1UEBxMETGVoaTEZMBcGA1UEChMQQ2Fub3B5IFRheCwgSW5jLjEYMBYGA1UEAwwP
Ki5jYW5vcHl0YXguY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
2Rck8/WhiH+X7TpxVjE4DZUBZKyroECgmyyiQbj/l2RprdMxjeNTuQc+VgYNzKgv
nk/VOxIC5E8z0U+nkSd1531Z3zO7lEcodapmNQmOgznYdYURV1c4T7Wqtp4tKve/
TpLG34NYwSx/vpyR8zp10JwyEcoK7832swy4UCU0xDbb7wH6mKCoPW1B2XZ1W5jj
lRQ9qUSfacarUXnq/dI6V2MZiblfu6fw+sSu7s/JEeE6Ls6DLhN86Kgj2Ib6XOPQ
ooX65rRLI0cSvZjcQkkPzfwgqXOBZnDxYs55I7M6WwWaCNiU/khXSs7LjOEkHv3R
2Os7Yh+LTy6BPxg/hDSFqwIDAQABo4IB2zCCAdcwHwYDVR0jBBgwFoAUD4BhHIIx
YdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFLQEzzP1rD6dZXfsAfU3LqtoMCVPMCkG
A1UdEQQiMCCCDyouY2Fub3B5dGF4LmNvbYINY2Fub3B5dGF4LmNvbTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRk
MGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzQu
Y3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc0
LmNybDBCBgNVHSAEOzA5MDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRw
czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEF
BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRw
Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVy
Q0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAH4ueRE/f+kG
aGD1Tv9Zu1Gsw++Hqsvt+v+500deVYM4olbyXcBQYHipWP7F7RR35WQHUHlTSUxE
PfR3K97E+BqqJOtZhh6C9N5d8EgncpxkQMAqMjQ3/jZEttfdEPz/yTREG9lgBlsf
/BM19NWgPYsd3rr3MqXY7HL9JhZWJajnWuda+dQCO3S1uqJeIDHdaESmgpOKm6M3
kkmT9Ia7Nm4Fs6LVdooYjwV0bvxjyvzKd7Vt40/NPwDRyZtfQ3keJfTvKSTpylBA
O8w7C6RBFl4gb3iaXk85aRtiCguvpq4WrjVh9SzEsqyVWAnRsokdbCndhVI7uk+N
+MqmiDaqQ6w=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Rck8/WhiH+X7TpxVjE4
DZUBZKyroECgmyyiQbj/l2RprdMxjeNTuQc+VgYNzKgvnk/VOxIC5E8z0U+nkSd1
531Z3zO7lEcodapmNQmOgznYdYURV1c4T7Wqtp4tKve/TpLG34NYwSx/vpyR8zp1
0JwyEcoK7832swy4UCU0xDbb7wH6mKCoPW1B2XZ1W5jjlRQ9qUSfacarUXnq/dI6
V2MZiblfu6fw+sSu7s/JEeE6Ls6DLhN86Kgj2Ib6XOPQooX65rRLI0cSvZjcQkkP
zfwgqXOBZnDxYs55I7M6WwWaCNiU/khXSs7LjOEkHv3R2Os7Yh+LTy6BPxg/hDSF
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16464809128328201651325733251055788273
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-05-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-06 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Utah'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lehi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canopy Tax, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.canopytax.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27405125080764758116864053635699139630808388206802692896379774103800102884153481144096860785008608468694108623823613121821006673842802798133155925163169708811782786867940587723415104531807373444052928319693469656668036457454495133133926962910650990601255631624690127368869760760164623659884707620195191171629439760075818449794540614935935665754128547515699938590593136740686670227590375700062132320445414355618951253431628032357195777030478041962499649871068540771702804140817835623763449440245235274421213019565444708159178348105912270467057380774304776138302688509712624033595076979476880402208259374152979152405931
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b404cf33f5ac3e9d6577ec01f5372eab6830254f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.canopytax.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canopytax.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007e2e79113f7fe9066860f54eff59bb51acc3ef87aacbedfaffb9d3475e558338a256f25dc0506078a958fec5ed1477e56407507953494c443df4772bdec4f81aaa24eb59861e82f4de5df04827729c6440c02a323437fe3644b6d7dd10fcffc934441bd960065b1ffc1335f4d5a03d8b1ddebaf732a5d8ec72fd26165625a8e75ae75af9d4023b74b5baa25e2031dd6844a682938a9ba337924993f486bb366e05b3a2d5768a188f05746efc63cafcca77b56de34fcd3f00d1c99b5f43791e25f4ef2924e9ca50403bcc3b0ba441165e206f789a5e4f39691b620a0bafa6ae16ae3561f52cc4b2ac955809d1b2891d6c29dd85523bba4f8df8caa68836aa43ac