myaccount.collegeinvest.org

Issued by DigiCert SHA2 Extended Validation Server CA

About this certificate


This digital certificate with serial number 03:86:31:4e:53:d6:08:a3:1b:24:35:0e:5c:37:a0:a1 was issued on by DigiCert Inc .

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

CollegeInvest

Company registration number: Government Entity
Organization: CollegeInvest
Organization unit: CollegeInvest
Address: 1560 Broadway, Suite 1700
Postal code: 80202
State / Province: Colorado
Locality: Denver
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Postal code: 80202
State / Province: Colorado
Locality: Denver
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 03:86:31:4e:53:d6:08:a3:1b:24:35:0e:5c:37:a0:a1
Serial Number (int): 4684451810211676293679678194038841505
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 3e:1f:f4:73:40:34:0d:73:11:73:20:dc:e8:4f:09:30:85:89:fd:9c
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f

Fingerprint (sha1): 03:91:3c:07:8b:fb:ae:ab:a8:4f:7e:a0:b0:a6:18:3e:86:ec:da:c1
Fingerprint (sha256): 92:db:fb:48:79:74:3e:ea:9e:f3:f5:74:47:30:1d:f3:11:f1:6e:be:3d:95:0d:96:f7:dd:81:88:24:10:56:39

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g1.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g1.crl

Check the revocation status for the current certificate on myaccount.collegeinvest.org
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: myaccount.collegeinvest.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIInjCCB4agAwIBAgIQA4YxTlPWCKMbJDUOXDegoTANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE1MTEwMjAwMDAwMFoXDTE4MDEwNTEy MDAwMFowggEjMRowGAYDVQQPDBFHb3Zlcm5tZW50IEVudGl0eTETMBEGCysGAQQB gjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhDb2xvcmFkbzEaMBgGA1UEBRMR R292ZXJubWVudCBFbnRpdHkxIjAgBgNVBAkTGTE1NjAgQnJvYWR3YXksIFN1aXRl IDE3MDAxDjAMBgNVBBETBTgwMjAyMQswCQYDVQQGEwJVUzERMA8GA1UECBMIQ29s b3JhZG8xDzANBgNVBAcTBkRlbnZlcjEWMBQGA1UEChMNQ29sbGVnZUludmVzdDEW MBQGA1UECxMNQ29sbGVnZUludmVzdDEkMCIGA1UEAxMbbXlhY2NvdW50LmNvbGxl Z2VpbnZlc3Qub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsDDe edfSGf0cxnI6vCG1QQA/vEk228/CKRfHmpLWbvQfLIWKo190PpTDF3hh3jQ4sQyO TXeKaYuAtkMrXwVKUzjykW4raWbQTW6ho89GXQK/yLQQrQzQ87uqcjo3nFNN+Bt2 32JdHUHox+SDUYqhwG9Mz1qyP1+eOaLiuOkuEvjlycapPjnXG4VFyzspBWlbqXIY 1J1QiyAyP3dkOTC4Zexlu93v2ZGs9WNjiaIdwOu8KgKuAmv9/SLe4BRjTX9nZkn7 YX0izysq0IRKWwSwHFkNo2kDm0+Muz3B1VRAJiGlU548aKHBX5Wpg6hW554lORdB rhoPRLKHg6lU5evRXmaeWxfR7rZoRbsTGQOwQMHrbT1PLfQa5KnR7nDg914fH59K CiZi3ztXI1vZiBix/vJjoBVU5CfEvkiM1PxC2SXZceXro3kFkZHIJDq9R1aSDyJL vQjFtOa9m7nxGgpJDgz7D4eJCY6rdwo5SjJDCVgoLfgBfpq1nPFdqxBJfWNrRenY g9CU7n1YSqoxOW5GV/GkFXBvcYD1s4iPCvJROe/hjvmLHvlwVBGlqIDgVKtDfHz2 W+6Oo63CMiF5C5ViEq4cBatNtdAZBwdegwaJNMWKr8UAXzSTe2UZyjki/obKs7Qi GWdFFWqOfCbPs225Ut9dqmsowttMmlFxYoikiHECAwEAAaOCA3gwggN0MB8GA1Ud IwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBQ+H/RzQDQNcxFz INzoTwkwhYn9nDAmBgNVHREEHzAdghtteWFjY291bnQuY29sbGVnZWludmVzdC5v cmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hh Mi1ldi1zZXJ2ZXItZzEuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5j b20vc2hhMi1ldi1zZXJ2ZXItZzEuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIB MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYF Z4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0 MAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB1AKS5CZC0 GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABUMo+KZwAAAQDAEYwRAIgYhHA lgi/imYvS6upg/rcQBpTvEfdKC9pILAAyQDtXH0CICrYB3KiA1DC1A37L/BS1rqy gQdCnprXp/oC3+JLy8xvAHYAaPaY+B9kgr46jO65KB1M/HFRXWeT1ETRCmesu09P +8QAAAFQyj4psAAABAMARzBFAiEAmPJrdPqEpidGTXAsgWknvTMvNTdDbp2/yZeA 7n1WzxgCID2H70Zdk8b2F2QqdBYotjJP8yx45ytXv7ivgCbQ04/5AHUAVhQGmi/X wuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFQyj4qmAAABAMARjBEAiA+zZE3 RQnz7mrNSFGIEo2WJGCyREAsdqGjriOSxtdhqwIgKc9xpezhbN1CzQJuV2yGnFCx /Upf/oDqKIWEgR7JYlYwDQYJKoZIhvcNAQELBQADggEBAKe10uQTDh7NqOQZUep5 xRlkFV3JbHnLd9tFRM87D5PZTxCrbs9lszsdec+RsNi95zleAbpRKMKbRb/3o6s+ sTpS1RjlmRd18aME01f6Jmf3acsk6MgJi1EjQekC86V+W4F6NcbS31rnD1G4Gy8i m/+i7dIBKxJ+c8+f0L3jLrEhbnFrtHD1r0CgLWIu4lhguftkJQrIs2hTiYzWaO44 VGZe7X2E+/73G+iMPLxQVd83WANjOGPt59v1nP7fXebp05oR1DG8tAml6bwakbGT /hy77QvwxU7D3fqXbGYbcE07bLUHE1KQ1I4I1KDflopwKmxyPBdWSB6wpujjVpwm y+k= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsDDeedfSGf0cxnI6vCG1 QQA/vEk228/CKRfHmpLWbvQfLIWKo190PpTDF3hh3jQ4sQyOTXeKaYuAtkMrXwVK UzjykW4raWbQTW6ho89GXQK/yLQQrQzQ87uqcjo3nFNN+Bt232JdHUHox+SDUYqh wG9Mz1qyP1+eOaLiuOkuEvjlycapPjnXG4VFyzspBWlbqXIY1J1QiyAyP3dkOTC4 Zexlu93v2ZGs9WNjiaIdwOu8KgKuAmv9/SLe4BRjTX9nZkn7YX0izysq0IRKWwSw HFkNo2kDm0+Muz3B1VRAJiGlU548aKHBX5Wpg6hW554lORdBrhoPRLKHg6lU5evR XmaeWxfR7rZoRbsTGQOwQMHrbT1PLfQa5KnR7nDg914fH59KCiZi3ztXI1vZiBix /vJjoBVU5CfEvkiM1PxC2SXZceXro3kFkZHIJDq9R1aSDyJLvQjFtOa9m7nxGgpJ Dgz7D4eJCY6rdwo5SjJDCVgoLfgBfpq1nPFdqxBJfWNrRenYg9CU7n1YSqoxOW5G V/GkFXBvcYD1s4iPCvJROe/hjvmLHvlwVBGlqIDgVKtDfHz2W+6Oo63CMiF5C5Vi Eq4cBatNtdAZBwdegwaJNMWKr8UAXzSTe2UZyjki/obKs7QiGWdFFWqOfCbPs225 Ut9dqmsowttMmlFxYoikiHECAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4684451810211676293679678194038841505 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-05 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Colorado' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1560 Broadway, Suite 1700' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '80202' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Colorado' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Denver' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CollegeInvest' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CollegeInvest' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'myaccount.collegeinvest.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 718796138457429950355065625978851848078030717152353590920669454415828484277064598787097655347202230917501816711526224667064255077595639315844534359047855616542447702024099857925935610687840266431468217868826891437466024998262971945916275863618172664168977745731562161452093356174775386784595913592423507427935581686611982150605941957992220591915999183911851816259080980145709508177782051851689567783794904977611052529381958220645573741232730602089030342025946662190016676309731760144855236734675506213218961116266378609837028063853804273781690917114863175109105358900448975469521984409876957545356940431082326140971785976731397466927341923822041088451617607918362723824781200581671487267308368141059639226318062077764499554829294082767074112290930849426683618192207613010142345062521744584714365459364936793907216185188398615843597312755877245301072014379948479803269651119891722419601687842822329502082887500010931373659997646335597305859901470650337343989908627508840523853993765583527718770196775354656810849721119988151283093705125577604524655786973995470285461222605480577482654439004356684749956382780310254579767157710090951686578334146844888117106855337061501478856987712192866917639171667880466056801281351083449696959891569 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3e1ff47340340d73117320dce84f09308589fd9c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myaccount.collegeinvest.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000150ca3e299c000004030046304402206211c09608bf8a662f4baba983fadc401a53bc47dd282f6920b000c900ed5c7d02202ad80772a20350c2d40dfb2ff052d6bab28107429e9ad7a7fa02dfe24bcbcc6f00760068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000150ca3e29b0000004030047304502210098f26b74fa84a627464d702c816927bd332f3537436e9dbfc99780ee7d56cf1802203d87ef465d93c6f617642a741628b6324ff32c78e72b57bfb8af8026d0d38ff90075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000150ca3e2a98000004030046304402203ecd91374509f3ee6acd485188128d962460b244402c76a1a3ae2392c6d761ab022029cf71a5ece16cdd42cd026e576c869c50b1fd4a5ffe80ea288584811ec96256 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a7b5d2e4130e1ecda8e41951ea79c51964155dc96c79cb77db4544cf3b0f93d94f10ab6ecf65b33b1d79cf91b0d8bde7395e01ba5128c29b45bff7a3ab3eb13a52d518e5991775f1a304d357fa2667f769cb24e8c8098b512341e902f3a57e5b817a35c6d2df5ae70f51b81b2f229bffa2edd2012b127e73cf9fd0bde32eb1216e716bb470f5af40a02d622ee25860b9fb64250ac8b36853898cd668ee3854665eed7d84fbfef71be88c3cbc5055df375803633863ede7dbf59cfedf5de6e9d39a11d431bcb409a5e9bc1a91b193fe1cbbed0bf0c54ec3ddfa976c661b704d3b6cb507135290d48e08d4a0df968a702a6c723c1756481eb0a6e8e3569c26cbe9