webmail.ijm.org
- International Justice Mission -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 09:2f:42:56:41:02:6f:4b:3b:b7:f7:c5:38:2f:e7:5c was issued on by DigiCert Inc.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
International Justice Mission
Organization:
International Justice Mission
State / Province:
District of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:2f:42:56:41:02:6f:4b:3b:b7:f7:c5:38:2f:e7:5cSerial Number (int): 12208435387190666052171453613055403868
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 86:d3:12:e5:6f:8d:91:54:f1:55:be:52:66:9c:2d:e9:c9:62:7d:d1
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 1e:ff:6f:6b:b3:a3:30:83:31:9e:f0:92:8c:6f:89:cf:7e:d0:a9:f1
Fingerprint (sha256): 3f:1f:d5:be:ea:93:8f:e9:0f:83:ca:60:72:57:70:94:5c:d8:c0:6e:d8:54:7f:9b:a9:33:ef:bf:1f:b7:f1:34
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl
Check the revocation status for certificate webmail.ijm.org
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for webmail.ijm.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
webmail.ijm.org
hq-core-wf1.ijm.org
mobile.ijm.org
sentry2.ijm.org
svmdc0010.ijm.org
svmdc0012.ijm.org
svmdc0011.ijm.org
autodiscover.ijm.org
exchange.ijm.org
hq-core-wf1.ijm.org
mobile.ijm.org
sentry2.ijm.org
svmdc0010.ijm.org
svmdc0012.ijm.org
svmdc0011.ijm.org
autodiscover.ijm.org
exchange.ijm.org
Other certificates including the domain name ijm.org
(limited to 100 certificates)
stage.ijm.org
stage.freedomcommons.ijm.org
gifts.ijm.org
sentry.ijm.org
image.mktmarathonkids.org
ssl964611.cloudflaressl.com
freedomcommons.ijm.org
stage.gifts.ijm.org
sni.cloudflaressl.com
gifts.ijm.org
netcommunity.ijm.org
www.ijm.org
mask12.classy.org
sharepoint.ijm.org
stage.ijm.org
gifts.ijm.org
image.mktmarathonkids.org
gifts.ijm.org
mask12.classy.org
fundraising.ijm.org
*.ijm.org
freedomcommons.ijm.org
mask12.classy.org
mask12.classy.org
mask12.classy.org
freedomcommons.ijm.org
mask12.classy.org
gifts.ijm.org
mask12.classy.org
dev.ijm.org
mobile.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
support.quickhelp.com
san-3-s7.tlsprovisioning.exacttarget.com
tableau.ijm.org
support.quickhelp.com
*.ijm.org
stage.ijm.org
dev.ijm.org
stage.ijm.org
webmail.ijm.org
stage.gifts.ijm.org
www.ijm.org
stage.ijm.org
stage.ijm.org
webmail.ijm.org
ssl964612.cloudflaressl.com
stage.freedomcommons.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
gifts.ijm.org
tableau.ijm.org
gifts.ijm.org
ijm.org
stage.freedomcommons.ijm.org
stage.gifts.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
sharepoint.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
image.mktmarathonkids.org
mask12.classy.org
webmail.ijm.org
mask12.classy.org
gifts.ijm.org
stage.gifts.ijm.org
mask12.classy.org
dev.ijm.org
image.mktmarathonkids.org
webmail.ijm.org
mask12.classy.org
my.ijm.org
mask12.classy.org
sni.cloudflaressl.com
www.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
gifts.ijm.org
san-3-s7.tlsprovisioning.exacttarget.com
mask12.classy.org
mask12.classy.org
image.mktmarathonkids.org
stage.freedomcommons.ijm.org
tableau.ijm.org
www.ijm.org
image.mktmarathonkids.org
mask12.classy.org
stage.gifts.ijm.org
sni.cloudflaressl.com
webmail.ijm.org
bomgar.ijm.org
image.mktmarathonkids.org
sni.cloudflaressl.com
dev.ijm.org
stage.freedomcommons.ijm.org
gifts.ijm.org
sentry.ijm.org
image.mktmarathonkids.org
ssl964611.cloudflaressl.com
freedomcommons.ijm.org
stage.gifts.ijm.org
sni.cloudflaressl.com
gifts.ijm.org
netcommunity.ijm.org
www.ijm.org
mask12.classy.org
sharepoint.ijm.org
stage.ijm.org
gifts.ijm.org
image.mktmarathonkids.org
gifts.ijm.org
mask12.classy.org
fundraising.ijm.org
*.ijm.org
freedomcommons.ijm.org
mask12.classy.org
mask12.classy.org
mask12.classy.org
freedomcommons.ijm.org
mask12.classy.org
gifts.ijm.org
mask12.classy.org
dev.ijm.org
mobile.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
support.quickhelp.com
san-3-s7.tlsprovisioning.exacttarget.com
tableau.ijm.org
support.quickhelp.com
*.ijm.org
stage.ijm.org
dev.ijm.org
stage.ijm.org
webmail.ijm.org
stage.gifts.ijm.org
www.ijm.org
stage.ijm.org
stage.ijm.org
webmail.ijm.org
ssl964612.cloudflaressl.com
stage.freedomcommons.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
gifts.ijm.org
tableau.ijm.org
gifts.ijm.org
ijm.org
stage.freedomcommons.ijm.org
stage.gifts.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
sharepoint.ijm.org
image.mktmarathonkids.org
support.quickhelp.com
mobile.ijm.org
image.mktmarathonkids.org
mask12.classy.org
webmail.ijm.org
mask12.classy.org
gifts.ijm.org
stage.gifts.ijm.org
mask12.classy.org
dev.ijm.org
image.mktmarathonkids.org
webmail.ijm.org
mask12.classy.org
my.ijm.org
mask12.classy.org
sni.cloudflaressl.com
www.ijm.org
image.mktmarathonkids.org
image.mktmarathonkids.org
mask12.classy.org
gifts.ijm.org
san-3-s7.tlsprovisioning.exacttarget.com
mask12.classy.org
mask12.classy.org
image.mktmarathonkids.org
stage.freedomcommons.ijm.org
tableau.ijm.org
www.ijm.org
image.mktmarathonkids.org
mask12.classy.org
stage.gifts.ijm.org
sni.cloudflaressl.com
webmail.ijm.org
bomgar.ijm.org
image.mktmarathonkids.org
sni.cloudflaressl.com
dev.ijm.org
Certificate
The complete raw certificate details for webmail.ijm.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGAjCCBOqgAwIBAgIQCS9CVkECb0s7t/fFOC/nXDANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xMzEwMjIxMjAwMDFaFw0xNjA4MjQxMjAwMDBa MIGDMQswCQYDVQQGEwJVUzEdMBsGA1UECBMURGlzdHJpY3Qgb2YgQ29sdW1iaWEx EzARBgNVBAcTCldhc2hpbmd0b24xJjAkBgNVBAoTHUludGVybmF0aW9uYWwgSnVz dGljZSBNaXNzaW9uMRgwFgYDVQQDEw93ZWJtYWlsLmlqbS5vcmcwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLM9kD7xVP6wtr6iTMYkw10RTxp/7km0U3 gHnIX09jyLIzXtF8RWByD4UoklEkdjVbS3jumFbhHi+MbseovHz0XqMbfdVbHmk9 V1rh6eVP6lVRb6HJRbIFh5XwT8mH3PgCeglr7+0/3W197BN7qn60fbGvUx+ZX3+P VQH1D7dddDSOLI4oDtKoloFGMqEYMohRyjc7GREyOCN3yJElLFm0YjBsaPLpmU55 Ha712G88JrUhAuinSEmLCE3HXA/IAnwhpldlGI64Y6RsKRvet78vMSUYhqrujB+v QS+VQPPmskbcKOHMQ88nHDzmfOL6n9tVLoNX9fZxGNBtXq9dnhndAgMBAAGjggKC MIICfjAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQU htMS5W+NkVTxVb5SZpwt6clifdEwgbMGA1UdEQSBqzCBqIIPd2VibWFpbC5pam0u b3JnghNocS1jb3JlLXdmMS5pam0ub3Jngg5tb2JpbGUuaWptLm9yZ4IPc2VudHJ5 Mi5pam0ub3JnghFzdm1kYzAwMTAuaWptLm9yZ4IRc3ZtZGMwMDEyLmlqbS5vcmeC EXN2bWRjMDAxMS5pam0ub3JnghRhdXRvZGlzY292ZXIuaWptLm9yZ4IQZXhjaGFu Z2UuaWptLm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0 LmNvbS9zaGEyLWhhLXNlcnZlci1nNS5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRp Z2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNS5jcmwwTAYDVR0gBEUwQzA3Bglg hkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzAIBgZngQwBAgIwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0 cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0 cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNB LmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCUiGpOV9stB3sQ TG1jho0H3v1JUFiomoDU54MnzcdnARCnsVS4kvXlUymfREYl6Jz6L97nEZc16QV4 +otAJru50rd9wglOTTsy79/64IcXOLJVeZa/3/GqsaEvEFZhCudeHSY0dPZfY4sg iUrXt8w8SUdE8QfMeAwjQ1Hi4x43OvZUJ9F7xoAJU7KhJqXywfKRiGkj2drkINgp Pws/RekTA26JPwzwYYZLP3VgJfuhS1Irnzn4yVeTtds3wUdEJIkFiEw90Ndlb8Wi jp7DOOtCu3oZDoYS8m0V+MNQksPH4wzGoZMwfJ5ZAlBF9cB51FeSuiC28568x74D nVrRDLTL -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzPZA+8VT+sLa+okzGJM NdEU8af+5JtFN4B5yF9PY8iyM17RfEVgcg+FKJJRJHY1W0t47phW4R4vjG7HqLx8 9F6jG33VWx5pPVda4enlT+pVUW+hyUWyBYeV8E/Jh9z4AnoJa+/tP91tfewTe6p+ tH2xr1MfmV9/j1UB9Q+3XXQ0jiyOKA7SqJaBRjKhGDKIUco3OxkRMjgjd8iRJSxZ tGIwbGjy6ZlOeR2u9dhvPCa1IQLop0hJiwhNx1wPyAJ8IaZXZRiOuGOkbCkb3re/ LzElGIaq7owfr0EvlUDz5rJG3CjhzEPPJxw85nzi+p/bVS6DV/X2cRjQbV6vXZ4Z 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12208435387190666052171453613055403868 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-10-22 12:00:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'International Justice Mission' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'webmail.ijm.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25651942969903452413828644227592747352351318723173790073881963414162907841752793081778252917131572132421092766737577245469054752369620504004678857229504979336930981788524548836922457834373820322083315160130483032867763611790284759644988302498849376004784077251923698360519307528030405776706429596364237027579166023727772895925808361637758348868134246963268389060689652851972844596844758928454861029656369897636745565255722672012756971184587121979491542816692841958303216891893599740966738598649840297802378271146085601088993070123202026828079015658484009416922382911450177274457871576402002835102826612635063321237981 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 86d312e56f8d9154f155be52669c2de9c9627dd1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (171 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hq-core-wf1.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sentry2.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'svmdc0010.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'svmdc0012.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'svmdc0011.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.ijm.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exchange.ijm.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0094886a4e57db2d077b104c6d63868d07defd495058a89a80d4e78327cdc7670110a7b154b892f5e553299f444625e89cfa2fdee7119735e90578fa8b4026bbb9d2b77dc2094e4d3b32efdffae0871738b2557996bfdff1aab1a12f1056610ae75e1d263474f65f638b20894ad7b7cc3c494744f107cc780c234351e2e31e373af65427d17bc6800953b2a126a5f2c1f291886923d9dae420d8293f0b3f45e913036e893f0cf061864b3f756025fba14b522b9f39f8c95793b5db37c14744248905884c3dd0d7656fc5a28e9ec338eb42bb7a190e8612f26d15f8c35092c3c7e30cc6a193307c9e59025045f5c079d45792ba20b6f39ebcc7be039d5ad10cb4cb