prodconf-dev.braintree.tools

- PayPal, Inc. -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 0f:86:57:19:54:1b:73:19:32:10:62:eb:12:4d:b5:30 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

PayPal, Inc.

Organization: PayPal, Inc.
Organization unit: Braintree Development
State / Province: California
Locality: San Jose
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:86:57:19:54:1b:73:19:32:10:62:eb:12:4d:b5:30
Serial Number (int): 20635954292186910906759720337606030640
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 1e:f2:62:32:22:16:af:08:55:aa:da:04:c5:f7:d2:9a:57:33:ed:89
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): c1:41:91:ba:b2:4d:f3:15:54:ee:1b:e5:00:4d:df:d2:86:26:e6:64
Fingerprint (sha256): 3a:40:ff:6f:3a:04:24:c2:b9:4e:d6:b6:e8:e5:2d:d1:de:2b:32:21:04:17:d7:fb:a1:d2:8d:45:bc:b9:9c:b2

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl

Check the revocation status for certificate prodconf-dev.braintree.tools

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for prodconf-dev.braintree.tools

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

prodconf-dev.braintree.tools

Other certificates including the domain name braintree.tools

(limited to 100 certificates)
briskqa.braintree.tools
prodconf.braintree.tools
jira.braintree.tools
graphite.qwt.braintree.tools
graphite.qwt.braintree.tools
tugboat.braintree.tools
disputin.sandbox.braintree.tools
puppetdb.braintree.tools
*.cpair.dev.braintree.tools
brisk.braintree.tools
tugboat.sand.braintree.tools
environmentalist.braintree.tools
brisk.sandbox.braintree.tools
tugboat.braintree.tools
disputes-panel.braintree.tools
graphite.qa.braintree.tools
buildtree.braintree.tools
disputes-panel.braintree.tools
jira.braintree.tools
data-airflow.sand.braintree.tools
*.qa2.braintree.tools
artifactory-dev.braintree.tools
artifactory-dev.braintree.tools
graphite.qwt.braintree.tools
graphite.qa.braintree.tools
funding.chi.braintree.tools
brainiac.braintree.tools
tugboat.braintree.tools
jira.braintree.tools
bazaar.braintree.tools
bazaar.braintree.tools
*.us-west-2.cpair.dev.braintree.tools
data-airflow.braintree.tools
*.us-west-1.cpair.dev.braintree.tools
k8s-dashboard-qa-us-west-2.braintree.tools
*.braintree.tools
k8s-dashboard-blue-qwt.braintree.tools
k8s-dashboard.sandbox.braintree-api.com
k8s-dashboard-blue-sand.braintree.tools
puppetdb.braintree.tools
k8s-dashboard-blue-stc.braintree.tools
prodconf.braintree.tools
k8s-dashboard.data-production.braintree-api.com
funding.chi.braintree.tools
data-airflow.sand.braintree.tools
disputin.braintree.tools
ops-panel.braintree.tools
*.cpair.dev.braintree.tools
puppetdb.braintree.tools
brisk.braintree.tools
disputes-panel.braintree.tools
briskqa-http-prod-us-west-2.production.braintree-api.com
event-sink-prod.braintree.tools
graphite.qwt.braintree.tools
graphite.sand.braintree.tools
ghost.braintree.tools
graphite.qa.braintree.tools
bazaar.sandbox.braintree.tools
artifactory-dev.braintree.tools
graphite.sand.braintree.tools
prodconf.braintree.tools
prodconf-dev.braintree.tools
briskqa.braintree.tools
dockerhub.braintree.tools
*.stc.braintree.tools
ghost.braintree.tools
ghost.braintree.tools
graphite.qwt.braintree.tools
brisk.braintree.tools
c3.chi.braintreepayments.com
k8s-dashboard.dev.braintree-api.com
snippets.braintree.tools
disputin.sandbox.braintree.tools
data-airflow-flower.braintree.tools
jenkins.jenkins-sand.braintree-api.com
*.cpair.dev.braintree.tools
data-airflow.braintree.tools
knowledge.braintree.tools
tugboat.braintree.tools
graphite.qa.braintree.tools
*.us-east-2.cpair.dev.braintree.tools
disputes-panel.braintree.tools
graphite.sand.braintree.tools
nabstatements.sandbox.braintree.tools
jenkins.jenkins-prod.braintree-api.com
nabstatements.braintree.tools
knowledge.braintree.tools
ghost.braintree.tools
reporting-taskworker-flower.braintree.tools
tugboat.braintree.tools
*.us-east-1.cpair.dev.braintree.tools
data-airflow.sand.braintree.tools
*.qa.braintree.tools
prodconf-dev.braintree.tools
graphite.qwt.braintree.tools
k8s-dashboard.production.braintree-api.com
k8s-dashboard-prod-us-west-2.braintree.tools
grafana.braintree.tools
jenkins.jenkins-prod.braintree-api.com
ops-panel.braintree.tools

Certificate

The complete raw certificate details for prodconf-dev.braintree.tools in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIQD4ZXGVQbcxkyEGLrEk21MDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0yMDAxMjcwMDAwMDBaFw0yMjA0MDYxMjAwMDBa
MIGTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMI
U2FuIEpvc2UxFTATBgNVBAoTDFBheVBhbCwgSW5jLjEeMBwGA1UECxMVQnJhaW50
cmVlIERldmVsb3BtZW50MSUwIwYDVQQDExxwcm9kY29uZi1kZXYuYnJhaW50cmVl
LnRvb2xzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzb9O9bAQp+U
YTnLPr3WoThIudEMoXk8ERJVJ+wuJdFB4WNDAFNzoN2F5shKffaygLD0dqsC/B0h
piGnf8AtnErI7irQMOaFmCYEvGppjiM1r1tQQifYgKZcOkTVB05WecTVBmoI+pZR
0DO9lqlNN4jlTrOu7x49qDbVle7vfg0G6gmFmQaqPyCAnrOnBWuBKYqJ+XGcL9Ol
ExUFBcEDdQTgxoSnnq7Q6WgNv74Mm2Nz3EKTcyV1DjPtaj6b5L1nQmbMmtAckgt6
yuwoXpDFHumAKfsH4DXFio7xYLCtgmNTckP19aspPUfLwN+DQ+li2J3ymxjc+r6y
SymiTJxfswIDAQABo4ICCjCCAgYwHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKi
ErhZcjswHQYDVR0OBBYEFB7yYjIiFq8IVaraBMX30ppXM+2JMCcGA1UdEQQgMB6C
HHByb2Rjb25mLWRldi5icmFpbnRyZWUudG9vbHMwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSg
MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYu
Y3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBz
Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3
MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEF
BQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhp
Z2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5
AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVaxAJPytNk0tKxcbubevj3w
TWQuTezSMrcdq/DIh/MpXAjURGDjZRjzaEZRSNgGvKFMXfCcWH/Fw8l3h73jW6Bo
VnCfP+yGzJ0EozTv6wHMiqsAbgN2/W0sXnYd11sjJZN+PdqCJW5sHCQ2YM4Q/E4O
CmLpdZKC+uEemT434UawqE/H0O/sLVwF4P+XqDKvLjshqNtXaPe4cZmEofOi3Ipm
wbV+9mlZcpj4fZyObChIZHqqAVBSCxO53CLyRdzDYLFF8NGdSvYu1L85jsGM1KO4
nBHl/DmcBl5v9YLevjq6hN33i8Qr8mtO2PAC6WQCTieWUbSH7jpDyYodwRRc6w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzb9O9bAQp+UYTnLPr3W
oThIudEMoXk8ERJVJ+wuJdFB4WNDAFNzoN2F5shKffaygLD0dqsC/B0hpiGnf8At
nErI7irQMOaFmCYEvGppjiM1r1tQQifYgKZcOkTVB05WecTVBmoI+pZR0DO9lqlN
N4jlTrOu7x49qDbVle7vfg0G6gmFmQaqPyCAnrOnBWuBKYqJ+XGcL9OlExUFBcED
dQTgxoSnnq7Q6WgNv74Mm2Nz3EKTcyV1DjPtaj6b5L1nQmbMmtAckgt6yuwoXpDF
HumAKfsH4DXFio7xYLCtgmNTckP19aspPUfLwN+DQ+li2J3ymxjc+r6ySymiTJxf
swIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20635954292186910906759720337606030640
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-06 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Jose'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PayPal, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Braintree Development'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prodconf-dev.braintree.tools'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24138632430869710595056502706706297494921661023758847495063801808072531704377352101099433786592262239977115518272423638508131044763529818955003073963745217756255188785378494422845281263552144203245788600968635258419990353949096601592740721338738967941795624141437225214819004697070520619023805316899371401406298792801888433328856100571377234511059861746655490938017459661053010310959288977365990760850459289879809067242486390585252206868309411694857010301424316386126338986334776215294445385200478632237275543652860196005421104206821560979265397728012098185248803031838494013392389268961934705566768943992789788286899
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1ef262322216af0855aada04c5f7d29a5733ed89
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodconf-dev.braintree.tools'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002d56b10093f2b4d934b4ac5c6ee6debe3df04d642e4decd232b71dabf0c887f3295c08d44460e36518f368465148d806bca14c5df09c587fc5c3c97787bde35ba06856709f3fec86cc9d04a334efeb01cc8aab006e0376fd6d2c5e761dd75b2325937e3dda82256e6c1c243660ce10fc4e0e0a62e9759282fae11e993e37e146b0a84fc7d0efec2d5c05e0ff97a832af2e3b21a8db5768f7b8719984a1f3a2dc8a66c1b57ef669597298f87d9c8e6c2848647aaa0150520b13b9dc22f245dcc360b145f0d19d4af62ed4bf398ec18cd4a3b89c11e5fc399c065e6ff582debe3aba84ddf78bc42bf26b4ed8f002e964024e279651b487ee3a43c98a1dc1145ceb