secure.switchfly.com

Issued by Sectigo RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number 5c:fc:47:36:63:ee:ad:5a:56:2c:04:99:ea:bf:86:26 was issued on by Sectigo Limited.

With 48 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=secure.switchfly.com

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 5c:fc:47:36:63:ee:ad:5a:56:2c:04:99:ea:bf:86:26
Serial Number (int): 123598878780893230861613554602136798758
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: b1:ea:9a:35:46:8c:4f:55:db:46:9b:39:79:e9:c9:32:de:59:05:17
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (sha1): 91:10:8a:d5:07:cc:46:05:f2:0f:14:f7:10:9a:2c:87:64:88:25:a7
Fingerprint (sha256): 3c:29:ec:e9:ad:62:72:94:11:4b:f3:38:54:c8:ba:3c:f0:db:9a:f5:a8:83:d4:8f:3c:e7:86:ae:71:5e:92:b6

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate secure.switchfly.com

48

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.switchfly.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.switchfly.com
aereo.tamembarqueja.com.br
agent.aavacations.com
air.useaamiles.com
au.jalvacations.jal.co.jp
aviosandmoney.iberia.com
b2b.tamviagens.com.br
b2bmastercard.tamviagens.com.br
b2c.tamviagens.com.br
book.aavacations.com
booking.easytahiti.com
ca.jalvacations.jal.co.jp
carhotel.useaamiles.com
collectonhotelscarsandmore.avios.com
collectonhotelscarsandmore.ba.com
de.jalvacations.jal.co.jp
fr.jalvacations.jal.co.jp
hk.jalvacations.jal.co.jp
hotelplanner.aavacations.com
hotelscarsandmore.avios.com
id.jalvacations.jal.co.jp
kr.jalvacations.jal.co.jp
marriott.atlantisbahamas.com
my.jalvacations.jal.co.jp
pacotes.tamviagens.com.br
secure.atlantisbahamas.com
secure.myatlantisvacation.com
servicoturisticos.tamembarqueja.com.br
sg.jalvacations.jal.co.jp
th.jalvacations.jal.co.jp
travellatampass.lan.com
tw.jalvacations.jal.co.jp
uk.jalvacations.jal.co.jp
us.jalvacations.jal.co.jp
vn.jalvacations.jal.co.jp
wine.avios.com
www.airandcar.espanol.marriott.com
www.airandcar.marriott.co.jp
www.airandcar.marriott.co.uk
www.airandcar.marriott.com
www.airandcar.marriott.com.au
www.airandcar.marriott.com.cn
www.airandcar.marriott.de
www.airandcar.marriott.fr
www.airandcar.marriott.it
www.airandcar.marriott.pt
www.hotelsandcars.ba.com
www.wine.ba.com

Other certificates including the domain name switchfly.com

(limited to 100 certificates)
*.switchfly.com
*.switchfly.com
*.v184test.switchfly.com
*.v201test.switchfly.com
*.switchfly.com
secure.switchfly.com
switchfly.com
secure.switchfly.com
secure.switchfly.com
secure.switchfly.com
*.switchfly.com
*.v195test.switchfly.com
secure.switchfly.com
*.testjack2.core-test.switchfly.com
*.staging.switchfly.com
*.switchfly.com
*.v192test.switchfly.com
secure.switchfly.com
secure.switchfly.com
*.qa3.switchfly.com
atlantispi.switchfly.com
switchfly.com
secure.switchfly.com
*.v143test.switchfly.com
secure.switchfly.com
*.switchfly.com
secure.switchfly.com
*.v193test.switchfly.com
secure.switchfly.com
*.v172test.switchfly.com
ancillary.switchfly.com
*.staging.switchfly.com
ds-operations.ds.core-test.switchfly.com
analytics.switchfly.com
*.v183test.switchfly.com
b2b.tamviagens.com.br
*.v195test.switchfly.com
switchfly.com
ancillary.switchfly.com
secure.switchfly.com
*.staging.switchfly.com
*.staging.switchfly.com
*.staging.switchfly.com
*.v192test.switchfly.com
*.v193test.switchfly.com
*.qa3.switchfly.com
secure.switchfly.com
*.aws-internal.switchfly.com
*.switchfly.com
secure.switchfly.com
*.qa1.switchfly.com
*.v185test.switchfly.com
employee.switchfly.com
*.v162test.switchfly.com
www.switchfly.com
secure.switchfly.com
*.v194test.switchfly.com
secure.switchfly.com
secure.switchfly.com
*.v175test.switchfly.com
*.switchfly.com
*.switchfly.com
secure.switchfly.com
secure.switchfly.com
*.switchfly.com
*.v154test.switchfly.com
*.v194test.switchfly.com
*.qa3.switchfly.com
secure.switchfly.com
*.v163test.switchfly.com
*.uat.switchfly.com
*.switchfly.com
ancillary.switchfly.com
britishairways.switchfly.com
switchfly.com
*.v165test.switchfly.com
secure.switchfly.com
*.v192test.switchfly.com
*.switchfly.com
*.v181test.switchfly.com
*.aws.switchfly.com
www.switchfly.com
*.staging.switchfly.com
*.v164test.switchfly.com
*.uat.switchfly.com
americanexpress.switchfly.com
ancillary.switchfly.com
secure.switchfly.com
*.v151test.switchfly.com
switchfly.com
ancillary.switchfly.com
*.v121test.switchfly.com
*.switchfly.com
*.uat.switchfly.com
secure.switchfly.com
*.v182test.switchfly.com
*.v191test.switchfly.com
*.switchfly.com
secure.switchfly.com
pwp-uat.client.switchfly.com

Certificate

The complete raw certificate details for secure.switchfly.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJ1TCCCL2gAwIBAgIQXPxHNmPurVpWLASZ6r+GJjANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTIxMDcxNDAwMDAwMFoXDTIyMDgxNDIzNTk1OVowHzEdMBsGA1UEAxMUc2Vj
dXJlLnN3aXRjaGZseS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4FNmIDaq4CbScCevDnO57tx/rIXg8UhZe39ZAn0d2UXSGTE1ny/+qIWaUPifg
qEZ1GyCLI5unUbu4Ln/yXrVomVh69Zczs/obhhf/8zTPHuSx7HJdURuxOiFZ0VKc
orGgUw/8S+8UggSQL7UCl98675xk50/gHC8y8KFeW9zMlUTNsOsc6bGPeyLAzzHj
rlAaUot6tXYb87SeYDoH7lKSe+aVUrRtJOB69qsL8xOYx0YI6Ofrnp5FAsuidvZ/
Mh4m2GnUJ+AYda1lRJAX9o/NqcfqgiZiU/TowFqL4bwhOI18PcykXJGDYcQ1Ho2C
rzoejMfHO5YWWzbkBlNx47SZAgMBAAGjggaaMIIGljAfBgNVHSMEGDAWgBSNjF7E
VK2K4Xfpm/mbBeG4AY1h4TAdBgNVHQ4EFgQUseqaNUaMT1XbRps5eenJMt5ZBRcw
DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcwJTAjBggrBgEF
BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEF
BQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2Vj
dGlnb1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYB
BQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMBMGCisGAQQB1nkCBAMBAf8E
AgUAMIIFLgYDVR0RBIIFJTCCBSGCFHNlY3VyZS5zd2l0Y2hmbHkuY29tghphZXJl
by50YW1lbWJhcnF1ZWphLmNvbS5icoIVYWdlbnQuYWF2YWNhdGlvbnMuY29tghJh
aXIudXNlYWFtaWxlcy5jb22CGWF1LmphbHZhY2F0aW9ucy5qYWwuY28uanCCGGF2
aW9zYW5kbW9uZXkuaWJlcmlhLmNvbYIVYjJiLnRhbXZpYWdlbnMuY29tLmJygh9i
MmJtYXN0ZXJjYXJkLnRhbXZpYWdlbnMuY29tLmJyghViMmMudGFtdmlhZ2Vucy5j
b20uYnKCFGJvb2suYWF2YWNhdGlvbnMuY29tghZib29raW5nLmVhc3l0YWhpdGku
Y29tghljYS5qYWx2YWNhdGlvbnMuamFsLmNvLmpwghdjYXJob3RlbC51c2VhYW1p
bGVzLmNvbYIkY29sbGVjdG9uaG90ZWxzY2Fyc2FuZG1vcmUuYXZpb3MuY29tgiFj
b2xsZWN0b25ob3RlbHNjYXJzYW5kbW9yZS5iYS5jb22CGWRlLmphbHZhY2F0aW9u
cy5qYWwuY28uanCCGWZyLmphbHZhY2F0aW9ucy5qYWwuY28uanCCGWhrLmphbHZh
Y2F0aW9ucy5qYWwuY28uanCCHGhvdGVscGxhbm5lci5hYXZhY2F0aW9ucy5jb22C
G2hvdGVsc2NhcnNhbmRtb3JlLmF2aW9zLmNvbYIZaWQuamFsdmFjYXRpb25zLmph
bC5jby5qcIIZa3IuamFsdmFjYXRpb25zLmphbC5jby5qcIIcbWFycmlvdHQuYXRs
YW50aXNiYWhhbWFzLmNvbYIZbXkuamFsdmFjYXRpb25zLmphbC5jby5qcIIZcGFj
b3Rlcy50YW12aWFnZW5zLmNvbS5icoIac2VjdXJlLmF0bGFudGlzYmFoYW1hcy5j
b22CHXNlY3VyZS5teWF0bGFudGlzdmFjYXRpb24uY29tgiZzZXJ2aWNvdHVyaXN0
aWNvcy50YW1lbWJhcnF1ZWphLmNvbS5icoIZc2cuamFsdmFjYXRpb25zLmphbC5j
by5qcIIZdGguamFsdmFjYXRpb25zLmphbC5jby5qcIIXdHJhdmVsbGF0YW1wYXNz
Lmxhbi5jb22CGXR3LmphbHZhY2F0aW9ucy5qYWwuY28uanCCGXVrLmphbHZhY2F0
aW9ucy5qYWwuY28uanCCGXVzLmphbHZhY2F0aW9ucy5qYWwuY28uanCCGXZuLmph
bHZhY2F0aW9ucy5qYWwuY28uanCCDndpbmUuYXZpb3MuY29tgiJ3d3cuYWlyYW5k
Y2FyLmVzcGFub2wubWFycmlvdHQuY29tghx3d3cuYWlyYW5kY2FyLm1hcnJpb3R0
LmNvLmpwghx3d3cuYWlyYW5kY2FyLm1hcnJpb3R0LmNvLnVrghp3d3cuYWlyYW5k
Y2FyLm1hcnJpb3R0LmNvbYIdd3d3LmFpcmFuZGNhci5tYXJyaW90dC5jb20uYXWC
HXd3dy5haXJhbmRjYXIubWFycmlvdHQuY29tLmNughl3d3cuYWlyYW5kY2FyLm1h
cnJpb3R0LmRlghl3d3cuYWlyYW5kY2FyLm1hcnJpb3R0LmZyghl3d3cuYWlyYW5k
Y2FyLm1hcnJpb3R0Lml0ghl3d3cuYWlyYW5kY2FyLm1hcnJpb3R0LnB0ghh3d3cu
aG90ZWxzYW5kY2Fycy5iYS5jb22CD3d3dy53aW5lLmJhLmNvbTANBgkqhkiG9w0B
AQsFAAOCAQEATuEvxuIDIsknddr8sOWRgaz2zsvAdYUk4w5Mgo6YURajhWTLOf0A
0QxGGcslB/EHCIYWylCGuNz5m1sXevN8hJKpwydpJgkOu4DyX+HGnRweRoKqJlgq
R3mi6O+3hPvqcqRMrNGeEI4ifzQC3qXiTDVB9s7+gZ/dBZWJZYuovILdBg4+yLpo
pVddSoLGzQY+ad9fOyl57D+2OTcfCg2VtN1BqnYTIBRLS3gFO3AwhBmySKqUGCL0
dk4XX5QzNzEzfnvRHrLQFjpqAegFO/hCKj9IcYzSB192ULyBBtJQoGlIM0XYKZqy
OFpJnitnnm25xZ6n0F8UyxeIMv+f7X/wNg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBTZiA2quAm0nAnrw5zu
e7cf6yF4PFIWXt/WQJ9HdlF0hkxNZ8v/qiFmlD4n4KhGdRsgiyObp1G7uC5/8l61
aJlYevWXM7P6G4YX//M0zx7ksexyXVEbsTohWdFSnKKxoFMP/EvvFIIEkC+1Apff
Ou+cZOdP4BwvMvChXlvczJVEzbDrHOmxj3siwM8x465QGlKLerV2G/O0nmA6B+5S
knvmlVK0bSTgevarC/MTmMdGCOjn656eRQLLonb2fzIeJthp1CfgGHWtZUSQF/aP
zanH6oImYlP06MBai+G8ITiNfD3MpFyRg2HENR6Ngq86HozHxzuWFls25AZTceO0
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 123598878780893230861613554602136798758
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-14 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.switchfly.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23238129499924663987807964604891728203326471565910395426124532903796569430745217264788104700141902654328442843979974620600543791897853655669654378641747628109893841040896528229497402155133725633694025328734220811193968537656999112552213176280811464898425413303624868279532844724970306028466730932847130588307236814301268308345321932925647723577124751011487819607352666655190058082849357185284806231514553940227023276091205303038533978028045339533327406358194331488240987703427792072448584857344856422242695759915888650499198538441935157740767372135566012281814205082501161937358265821804183030748046113108063269663897
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b1ea9a35468c4f55db469b3979e9c932de590517
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1317 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.switchfly.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aereo.tamembarqueja.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agent.aavacations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'air.useaamiles.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'au.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aviosandmoney.iberia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2b.tamviagens.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2bmastercard.tamviagens.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2c.tamviagens.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'book.aavacations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'booking.easytahiti.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ca.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carhotel.useaamiles.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'collectonhotelscarsandmore.avios.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'collectonhotelscarsandmore.ba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'de.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hotelplanner.aavacations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hotelscarsandmore.avios.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'id.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kr.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marriott.atlantisbahamas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pacotes.tamviagens.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.atlantisbahamas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.myatlantisvacation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicoturisticos.tamembarqueja.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sg.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'th.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travellatampass.lan.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uk.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vn.jalvacations.jal.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wine.avios.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.espanol.marriott.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.airandcar.marriott.pt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hotelsandcars.ba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wine.ba.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004ee12fc6e20322c92775dafcb0e59181acf6cecbc0758524e30e4c828e985116a38564cb39fd00d10c4619cb2507f107088616ca5086b8dcf99b5b177af37c8492a9c3276926090ebb80f25fe1c69d1c1e4682aa26582a4779a2e8efb784fbea72a44cacd19e108e227f3402dea5e24c3541f6cefe819fdd059589658ba8bc82dd060e3ec8ba68a5575d4a82c6cd063e69df5f3b2979ec3fb639371f0a0d95b4dd41aa761320144b4b78053b70308419b248aa941822f4764e175f94333731337e7bd11eb2d0163a6a01e8053bf8422a3f48718cd2075f7650bc8106d250a069483345d8299ab2385a499e2b679e6db9c59ea7d05f14cb178832ff9fed7ff036