secure.universalstudios.com

- Universal City Studios LLC -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 0a:bb:14:92:16:95:c8:8a:94:08:d6:86:dc:0c:b1:53 was issued on by DigiCert Inc.

With 48 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Universal City Studios LLC

Organization: Universal City Studios LLC
Organization unit: Universal City Studios
State / Province: California
Locality: Universal City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:bb:14:92:16:95:c8:8a:94:08:d6:86:dc:0c:b1:53
Serial Number (int): 14263656692888718804381479970880139603
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 48:12:1d:c3:b6:ae:ac:a2:34:08:b9:79:b8:df:d0:76:6b:37:c0:d8
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): a5:15:bf:17:e0:19:84:92:af:84:e7:b6:ca:f8:61:57:52:28:7c:9f
Fingerprint (sha256): 3e:af:14:f8:75:fe:96:be:d5:71:71:09:4b:ef:06:4c:35:83:41:cf:3b:8a:84:01:34:73:ab:b5:18:28:32:90

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate secure.universalstudios.com

48

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.universalstudios.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.universalstudios.com
media.universalorlando.com
universalorlando.com
tmidsvc.universalparks.com
hhntickets.universalorlando.com
www.universalparks.com
prod.universaltravelagents.com
tmid.universalparks.com
secure.universalorlando.com
giftcards.universalorlando.com
www.universalorlandoresort.com
etdsuat-api.ucdp.net
rtuap.universalorlando.com
hhnap.universalorlando.com
harrypotternews.universalorlando.com
www.universalorlandoyouth.com
spheresvc.ucdp.net
rtutickets.universalorlando.com
www.universalorlando.com
sphere.ucdp.net
www.uomeetingsandevents.com
orlando.halloweenhorrornights.com
b2b.universalorlando.com
shop.universalorlando.com
site.universalorlando.com
www.universalevents.com
www.universaltravelagents.com
sphereqa.ucdp.net
usj.universalplay.games
universalparks.com
www.universalorlando.co.uk
theuniversalsphere.com
tickets-services.universalorlando.com
www.theuniversalsphere.com
tickets.universalorlando.com
etds-api.ucdp.net
etdsuat.universalparks.com
tickets2.universalorlando.com
services2.universalorlando.com
app.tickets2.universalorlando.com
espanol.universalorlando.com
services.universalorlando.com
apps.universalparks.com
purchase.universalorlando.com
portuguese.universalorlando.com
spheresvcqa.ucdp.net
ww2.universalorlando.com
etds.universalparks.com

Other certificates including the domain name universalstudios.com

(limited to 100 certificates)
www.universalorlando.com
secure.universalstudios.com
secure.universalstudios.com
secure.universalstudios.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
secure.universalstudios.com
www.universalorlando.com
propsstg.universalstudios.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.seeso.com
secure.universalstudios.com
web2.sourceaudio.com
www.universalorlando.com
www.universalpictures.com
www.seeso.com
www.seeso.com
www.universalpictures.com
secure.universalstudios.com
studio.florida.universalstudios.com
www.universalpictures.com
www.universalorlando.com
oltsuat.secure.universalstudios.com
secure.universalstudios.com
www.universalorlando.com
www.universalpictures.com
props.universalstudios.com
www.universalpictures.com
twuat.secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.seeso.com
www.seeso.com
propsstg.universalstudios.com
san-3-s6.tlsprovisioning.exacttarget.com
secure.universalstudios.com
www.universalpictures.com
secure.universalstudios.com
www.universalpictures.com
www.seeso.com
secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.universalpictures.com
www.seeso.com
studioopsportal.universalstudios.com
studio.florida.universalstudios.com
san-3-s6.tlsprovisioning.exacttarget.com
etds.universalstudios.com
web2.sourceaudio.com
etdsuat.universalstudios.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
studioopsportal.universalstudios.com
www.seeso.com
san-3-s6.tlsprovisioning.exacttarget.com
www.seeso.com
www.universalpictures.com
www.universalpictures.com
secure.universalstudios.com
studio.florida.universalstudios.com
web2.sourceaudio.com
www.universalpictures.com
www.universalorlando.com
signup.universalstudios.com
nbcuat.secure.universalstudios.com
www.universalpictures.com
secure.universalstudios.com
www.universalorlando.com
www.universalpictures.com
www.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
props.universalstudios.com
secure.universalstudios.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
web2.sourceaudio.com
www.universalpictures.com
etdsuat-o.ucdp.net
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
propsstg.universalstudios.com

Certificate

The complete raw certificate details for secure.universalstudios.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKdTCCCV2gAwIBAgIQCrsUkhaVyIqUCNaG3AyxUzANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xOTExMTEwMDAwMDBaFw0yMTAyMDkxMjAwMDBaMIGnMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxMOVW5pdmVyc2FsIENpdHkxIzAh
BgNVBAoTGlVuaXZlcnNhbCBDaXR5IFN0dWRpb3MgTExDMR8wHQYDVQQLExZVbml2
ZXJzYWwgQ2l0eSBTdHVkaW9zMSQwIgYDVQQDExtzZWN1cmUudW5pdmVyc2Fsc3R1
ZGlvcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQfGt1/eCk
JJBy2BaAGfKauLTqj2b/QP64j90YGQk/r94x5kWPAqS9Y5c87UbNrjQx0iYRYKKy
blhzqCti3s5WzQ+fBGrc9Kzw+M4+a5bIhBgfU2+ZOokTylAfoTbfT8OqaAC4cMhE
2jadCL2ZavaqNN/o9aUqXnZCSNEssB6qGBXXufcZWvezi7tjbX9kCu/Xl/BD5odE
cFetr/Xr6q2/BLWncC8ZLPOrFZhbBl1IkFXLxJKVxenYCTiDviRMbHe5gKnxADxd
IAwXj+vUgwyacO30Lfv2OHZTQhgFZ2D7xdUeM4R5n3qlmWrJ8l6y1pK0xHUA/OEm
zqukqgeN6QeBAgMBAAGjggbjMIIG3zAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3se3y
o0MWOJ5sxTAdBgNVHQ4EFgQUSBIdw7aurKI0CLl5uN/Qdms3wNgwggVHBgNVHREE
ggU+MIIFOoIbc2VjdXJlLnVuaXZlcnNhbHN0dWRpb3MuY29tghptZWRpYS51bml2
ZXJzYWxvcmxhbmRvLmNvbYIUdW5pdmVyc2Fsb3JsYW5kby5jb22CGnRtaWRzdmMu
dW5pdmVyc2FscGFya3MuY29tgh9oaG50aWNrZXRzLnVuaXZlcnNhbG9ybGFuZG8u
Y29tghZ3d3cudW5pdmVyc2FscGFya3MuY29tgh5wcm9kLnVuaXZlcnNhbHRyYXZl
bGFnZW50cy5jb22CF3RtaWQudW5pdmVyc2FscGFya3MuY29tghtzZWN1cmUudW5p
dmVyc2Fsb3JsYW5kby5jb22CHmdpZnRjYXJkcy51bml2ZXJzYWxvcmxhbmRvLmNv
bYIed3d3LnVuaXZlcnNhbG9ybGFuZG9yZXNvcnQuY29tghRldGRzdWF0LWFwaS51
Y2RwLm5ldIIacnR1YXAudW5pdmVyc2Fsb3JsYW5kby5jb22CGmhobmFwLnVuaXZl
cnNhbG9ybGFuZG8uY29tgiRoYXJyeXBvdHRlcm5ld3MudW5pdmVyc2Fsb3JsYW5k
by5jb22CHXd3dy51bml2ZXJzYWxvcmxhbmRveW91dGguY29tghJzcGhlcmVzdmMu
dWNkcC5uZXSCH3J0dXRpY2tldHMudW5pdmVyc2Fsb3JsYW5kby5jb22CGHd3dy51
bml2ZXJzYWxvcmxhbmRvLmNvbYIPc3BoZXJlLnVjZHAubmV0ght3d3cudW9tZWV0
aW5nc2FuZGV2ZW50cy5jb22CIW9ybGFuZG8uaGFsbG93ZWVuaG9ycm9ybmlnaHRz
LmNvbYIYYjJiLnVuaXZlcnNhbG9ybGFuZG8uY29tghlzaG9wLnVuaXZlcnNhbG9y
bGFuZG8uY29tghlzaXRlLnVuaXZlcnNhbG9ybGFuZG8uY29tghd3d3cudW5pdmVy
c2FsZXZlbnRzLmNvbYIdd3d3LnVuaXZlcnNhbHRyYXZlbGFnZW50cy5jb22CEXNw
aGVyZXFhLnVjZHAubmV0ghd1c2oudW5pdmVyc2FscGxheS5nYW1lc4ISdW5pdmVy
c2FscGFya3MuY29tghp3d3cudW5pdmVyc2Fsb3JsYW5kby5jby51a4IWdGhldW5p
dmVyc2Fsc3BoZXJlLmNvbYIldGlja2V0cy1zZXJ2aWNlcy51bml2ZXJzYWxvcmxh
bmRvLmNvbYIad3d3LnRoZXVuaXZlcnNhbHNwaGVyZS5jb22CHHRpY2tldHMudW5p
dmVyc2Fsb3JsYW5kby5jb22CEWV0ZHMtYXBpLnVjZHAubmV0ghpldGRzdWF0LnVu
aXZlcnNhbHBhcmtzLmNvbYIddGlja2V0czIudW5pdmVyc2Fsb3JsYW5kby5jb22C
HnNlcnZpY2VzMi51bml2ZXJzYWxvcmxhbmRvLmNvbYIhYXBwLnRpY2tldHMyLnVu
aXZlcnNhbG9ybGFuZG8uY29tghxlc3Bhbm9sLnVuaXZlcnNhbG9ybGFuZG8uY29t
gh1zZXJ2aWNlcy51bml2ZXJzYWxvcmxhbmRvLmNvbYIXYXBwcy51bml2ZXJzYWxw
YXJrcy5jb22CHXB1cmNoYXNlLnVuaXZlcnNhbG9ybGFuZG8uY29tgh9wb3J0dWd1
ZXNlLnVuaXZlcnNhbG9ybGFuZG8uY29tghRzcGhlcmVzdmNxYS51Y2RwLm5ldIIY
d3cyLnVuaXZlcnNhbG9ybGFuZG8uY29tghdldGRzLnVuaXZlcnNhbHBhcmtzLmNv
bTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1Ry
dXN0UlNBQ0EyMDE4LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsG
AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB1
BggrBgEFBQcBAQRpMGcwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1
c3QuY29tMD0GCCsGAQUFBzAChjFodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20v
R2VvVHJ1c3RSU0FDQTIwMTguY3J0MAkGA1UdEwQCMAAwEwYKKwYBBAHWeQIEAwEB
/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJgxF3wmcq3FQmxc0KU2glPcytHe61He
1JFKv7qCOPbrgUKmDWGdeEgNEzXf719QSVy/2MgAL04W7QOTZ8RW8QT6jEicw0vN
0wjdbub3wNr3n/aVEx6ViQKtba7koNThiND7cty6AkEzOamybBi368Dnc3SN7EnR
jOglRjFfRRugub9vEjLRiOGzYmRJfvs+fLhwtBeKS5ax8+TdU5OXiKF+lYyQGxXM
uL7j1MZc2NbTSxESPOUza0YkKBY5lnhNTWd1niEQN5+9eRMqLWLVG+qVfHYGDS1s
YfnWEUS//SHiKt6ejLpN/E93T1nl0HTzXU4DZRZP9LhYweiDLDx9NP8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Hxrdf3gpCSQctgWgBny
mri06o9m/0D+uI/dGBkJP6/eMeZFjwKkvWOXPO1Gza40MdImEWCism5Yc6grYt7O
Vs0PnwRq3PSs8PjOPmuWyIQYH1NvmTqJE8pQH6E230/DqmgAuHDIRNo2nQi9mWr2
qjTf6PWlKl52QkjRLLAeqhgV17n3GVr3s4u7Y21/ZArv15fwQ+aHRHBXra/16+qt
vwS1p3AvGSzzqxWYWwZdSJBVy8SSlcXp2Ak4g74kTGx3uYCp8QA8XSAMF4/r1IMM
mnDt9C379jh2U0IYBWdg+8XVHjOEeZ96pZlqyfJestaStMR1APzhJs6rpKoHjekH
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14263656692888718804381479970880139603
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-09 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City Studios LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City Studios'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.universalstudios.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26318921107796061736089989665012564481297109848379265995635456753075575930278545092383292777304758243127527448739700015163844846351085042647108409959737130848977848090354681709696613581922067280867544245849861677597953743149367109511776587238384895692988433282369230014438797877881580979743860263782975321906875664024473059794249445694366490163502330958404120900553345426053284789414121723482211969946031337953630856029513970031687885117886309991530307556683278379297400538516701628420585595425957144939496559033052252870502305690743803612349123335090336767571837246902445317000312318766547843560817028244645381474177
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:1|t:8|false]  
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1342 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.universalstudios.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmidsvc.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhntickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmid.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftcards.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlandoresort.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etdsuat-api.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtuap.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhnap.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'harrypotternews.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlandoyouth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spheresvc.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtutickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sphere.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uomeetingsandevents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orlando.halloweenhorrornights.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2b.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'site.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalevents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sphereqa.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usj.universalplay.games'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlando.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theuniversalsphere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets-services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theuniversalsphere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etds-api.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etdsuat.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.tickets2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'espanol.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portuguese.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spheresvcqa.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ww2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etds.universalparks.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009831177c2672adc5426c5cd0a5368253dccad1deeb51ded4914abfba8238f6eb8142a60d619d78480d1335dfef5f50495cbfd8c8002f4e16ed039367c456f104fa8c489cc34bcdd308dd6ee6f7c0daf79ff695131e958902ad6daee4a0d4e188d0fb72dcba02413339a9b26c18b7ebc0e773748dec49d18ce82546315f451ba0b9bf6f1232d188e1b36264497efb3e7cb870b4178a4b96b1f3e4dd53939788a17e958c901b15ccb8bee3d4c65cd8d6d34b11123ce5336b462428163996784d4d67759e2110379fbd79132a2d62d51bea957c76060d2d6c61f9d61144bffd21e22ade9e8cba4dfc4f774f59e5d074f35d4e0365164ff4b858c1e8832c3c7d34ff