sechighlights.cbssports.com

Issued by GlobalSign Domain Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 53:a7:e0:da:e3:77:56:a8:90:1c:b9:77 was issued on by GlobalSign nv-sa.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=sechighlights.cbssports.com,OU=Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 53:a7:e0:da:e3:77:56:a8:90:1c:b9:77
Serial Number (int): 25890208274920319296353384823
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 39:11:75:be:c9:c6:7c:61:01:e7:f3:c6:a1:92:54:3b:47:12:07:a6
AuthorityKeyId: ea:4e:7c:d4:80:2d:e5:15:81:86:26:8c:82:6d:c0:98:a4:cf:97:0f

Fingerprint (sha1): e7:f7:93:08:1e:bf:42:41:6a:12:76:79:74:a5:f2:88:21:e1:c3:62
Fingerprint (sha256): 3d:0c:17:02:7a:f5:38:54:15:d6:86:95:1b:af:36:bb:86:91:41:84:91:c4:a6:ad:25:4b:0a:b3:5a:b7:e6:11

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl

Check the revocation status for certificate sechighlights.cbssports.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sechighlights.cbssports.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sechighlights.cbssports.com

Other certificates including the domain name cbssports.com

(limited to 100 certificates)
sli.cbssports.com
ey-campfire.com
cbslocal.com
radio.cbssports.com
*.baseball.cbssports.com
cc.cnetcontent.com
devemendous.com
image.e.outdoors.org
*.basketball.cbssports.com
image.e.outdoors.org
image.e.outdoors.org
safety.cbssports.com
penyadap.com
*.cbssports.com
gottlieb.radio.cbssports.com
*.mayhem.cbssports.com
www.bitfog.co
cbssports.com
cbssports.com
*.basketball.cbssports.com
justdogs.app
*.cbssports.com
sportsnowplanning.cbssports.com
n1to.com
tls.automattic.com
cc.cnetcontent.com
cbssports.com
*.basketball.cbssports.com
*.hockey.cbssports.com
tls.automattic.com
horseracing.cbssports.com
gottlieb.radio.cbssports.com
agartheanstudios.co
gottlieb.radio.cbssports.com
secure01.teamfanshop.com
secure01.teamfanshop.com
tls.automattic.com
*.cbssports.com
cc.cnetcontent.com
qa.app.pspro.ai
secure01.teamfanshop.com
*.football.cbssports.com
nabilcook.com
cc.cnetcontent.com
image.e.outdoors.org
*.baseball.cbssports.com
*.hockey.cbssports.com
cc.cnetcontent.com
tikiandtierney.radio.cbssports.com
image.e.outdoors.org
*.cbssports.com
business.shopsavee.com
tropez-pearls.com
*.ephm-bison.cbssports.com
*.hockey.cbssports.com
*.football.qa.cbssports.com
sushiuplus.ca
image.e.outdoors.org
secure01.teamfanshop.com
image.e.outdoors.org
*.basketball.cbssports.com
secure01.teamfanshop.com
cc.cnetcontent.com
gottlieb.radio.cbssports.com
*.apipufi.cbssports.com
*.cbssports.com
*.hera.cbssports.com
*.cbssports.com
*.cbssports.com
*.apipufi.cbssports.com
*.cbssports.com
thesimplegeography.de
shop.cbssports.com
secure01.teamfanshop.com
gottlieb.radio.cbssports.com
coderbin.com
*.cbssports.com
gottlieb.radio.cbssports.com
thesimplegeography.de
firebasetest.mglsk.be
image.e.outdoors.org
secure01.teamfanshop.com
secure01.teamfanshop.com
image.e.outdoors.org
meta-studio.world
ops.cbssports.com
saa.cbssports.com
nucdn.cbssports.com
fantasy.img.cbssports.com
click.email.cbssports.com
mta-sts.openresearch.news
secure01.teamfanshop.com
sechighlights.cbssports.com
www.litz.co
www.seelan.co
*.mayhem.cbssports.com
gottlieb.radio.cbssports.com
*.hockey.cbssports.com
cc.cnetcontent.com
secure01.teamfanshop.com

Certificate

The complete raw certificate details for sechighlights.cbssports.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHBjCCBe6gAwIBAgIMU6fg2uN3VqiQHLl3MA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcxMTIyMTc0NTU3WhcNMTgxMTIzMTc0NTU3WjBJMSEwHwYDVQQLExhEb21haW4g
Q29udHJvbCBWYWxpZGF0ZWQxJDAiBgNVBAMTG3NlY2hpZ2hsaWdodHMuY2Jzc3Bv
cnRzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkvLxRH8Xo9
Q4oopmJUdqeF9Qmdfe5ikgosceNromzG8enG5IQDhIbbpQGl7Ud141ZP5LfSDR8P
DwT037k2PTvW+A/YyZ8hXLJZvUpdY1hRDnRLZjtW+4KzLut8R55WfaU97QDXEjtO
ctcyLnFBEuhfUuWo9hN1SdrJrFelJMP8RN9bQlv60fI0kby6DwLLp6eZ7MJSuqFH
li+qY9KRjOquEHTUWpx5s4zPf3vpujRZ2CDemz8CLuaQ59RgTagZ9zq/V40BFu+R
kuTJDpibkHsMwEyi13HZa2SZ8jOemVGicqLQ3Pgi9AWokUpSXrvxwB/VDrx/KHGS
9r9AceEOcQ8CAwEAAaOCA9UwggPRMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUH
AQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5j
b20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1o
dHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYD
VR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu
Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAw
QwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9n
c2RvbWFpbnZhbHNoYTJnMi5jcmwwJgYDVR0RBB8wHYIbc2VjaGlnaGxpZ2h0cy5j
YnNzcG9ydHMuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV
HQ4EFgQUORF1vsnGfGEB5/PGoZJUO0cSB6YwHwYDVR0jBBgwFoAU6k581IAt5RWB
hiaMgm3AmKTPlw8wggH3BgorBgEEAdZ5AgQCBIIB5wSCAeMB4QB2AKS5CZC0GFgU
h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABX+TWITsAAAQDAEcwRQIhAP3p9aE8
OwJDbpBDN237ZOmpmlnNqwVlDLYJ3+/ZOrY4AiA0/t/agY/tHrmbCzov2E29XOXG
AxuVrx7v6v4dBmt90QB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDd
AAABX+TWIagAAAQDAEgwRgIhAPluv41TyHHVBBSHFPhLbqD1hSBRy/1BFDSNYvCS
JW68AiEAgwk8PtqMTkWCmzGMy5RPaImpHf5UZxTJIMxa6YHBJfcAdgBvU3asMfAx
GdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAV/k1iJeAAAEAwBHMEUCID7N+RCs
ddg0O0tLebqY5ZmhsjnB6u4XqTlShqbumbKAAiEArLnaAysq/z3ewIabOXzETKiS
tQKH8geoPc3iaEH1v98AdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9
ywAAAV/k1iQaAAAEAwBHMEUCIEHWTFvPEVm9ikHJoMYFhkJcRT5lH4c0QvCNcrzm
muurAiEA9XFvcPc3jZv98g1ndAYrMOy3yMSXmtX6CGWUiVbBAqIwDQYJKoZIhvcN
AQELBQADggEBACPj5ZO1E8R6aR3DjgL+ay9aLfSU6iJa0sLkWNzxdb13JZnVIBcY
Dc7Y2Tp2vysaEW1wuAhzpnBSj0NJVgdFeURVq4ZgkjY3DsAZj5CkHUDvNmNaVoB1
sK4iTkacghXRfiXN8ySt4B/qGNu0iYHzzF61ouZKNlv08x5+iJeZXMQp2zBwDEcN
asLPYrNZ5masnd+X/gHkxwL6ZbrCMVw2jOS4T1frB3r8P65oWyk6ztf0vbd3jJj5
14ZDTydFa10ixI9gEx4I9BSa4K2LnELW5SNaT7PJyg5I5Q+R6jqA7VM51MNPbsUN
sT8eoR07EJePsu34rnOv9zYkk0cdvDSsIHc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS8vFEfxej1DiiimYlR2
p4X1CZ197mKSCixx42uibMbx6cbkhAOEhtulAaXtR3XjVk/kt9INHw8PBPTfuTY9
O9b4D9jJnyFcslm9Sl1jWFEOdEtmO1b7grMu63xHnlZ9pT3tANcSO05y1zIucUES
6F9S5aj2E3VJ2smsV6Ukw/xE31tCW/rR8jSRvLoPAsunp5nswlK6oUeWL6pj0pGM
6q4QdNRanHmzjM9/e+m6NFnYIN6bPwIu5pDn1GBNqBn3Or9XjQEW75GS5MkOmJuQ
ewzATKLXcdlrZJnyM56ZUaJyotDc+CL0BaiRSlJeu/HAH9UOvH8ocZL2v0Bx4Q5x
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 25890208274920319296353384823
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-22 17:45:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-23 17:45:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sechighlights.cbssports.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21357540789120976081783133877867394938600734745871868475290083600070437627382296290725882824779653124949142790836302347982869446794777508643377441121380853798934705992458375189090569287026300308756417948849865067233520148528871933980925547550552595658625824663876602314663692974475071022353086935230649422883862357497428009025966738796612097400843975398401586592437463507282522182468428539305510292732427745114693471662720833420383486658786724114184396509750706908391928180298471846533731613781514982482426250999494321032154166428669804931412981058389169090230509450214720097754675625216615654273705051124047320871183
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sechighlights.cbssports.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							391175bec9c67c6101e7f3c6a192543b471207a6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ea4e7cd4802de5158186268c826dc098a4cf970f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e1007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015fe4d6213b0000040300473045022100fde9f5a13c3b02436e9043376dfb64e9a99a59cdab05650cb609dfefd93ab638022034fedfda818fed1eb99b0b3a2fd84dbd5ce5c6031b95af1eefeafe1d066b7dd10077005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015fe4d621a80000040300483046022100f96ebf8d53c871d504148714f84b6ea0f5852051cbfd4114348d62f092256ebc02210083093c3eda8c4e45829b318ccb944f6889a91dfe546714c920cc5ae981c125f70076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000015fe4d6225e000004030047304502203ecdf910ac75d8343b4b4b79ba98e599a1b239c1eaee17a9395286a6ee99b280022100acb9da032b2aff3ddec0869b397cc44ca892b50287f207a83dcde26841f5bfdf007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015fe4d6241a0000040300473045022041d64c5bcf1159bd8a41c9a0c60586425c453e651f873442f08d72bce69aebab022100f5716f70f7378d9bfdf20d6774062b30ecb7c8c4979ad5fa0865948956c102a2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0023e3e593b513c47a691dc38e02fe6b2f5a2df494ea225ad2c2e458dcf175bd772599d52017180dced8d93a76bf2b1a116d70b80873a670528f4349560745794455ab86609236370ec0198f90a41d40ef36635a568075b0ae224e469c8215d17e25cdf324ade01fea18dbb48981f3cc5eb5a2e64a365bf4f31e7e8897995cc429db30700c470d6ac2cf62b359e666ac9ddf97fe01e4c702fa65bac2315c368ce4b84f57eb077afc3fae685b293aced7f4bdb7778c98f9d786434f27456b5d22c48f60131e08f4149ae0ad8b9c42d6e5235a4fb3c9ca0e48e50f91ea3a80ed5339d4c34f6ec50db13f1ea11d3b10978fb2edf8ae73aff7362493471dbc34ac2077