www.tiffany.com
- Tiffany and Co -
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 03:0f:97:93:06:65:d7:de:16:f1:3b:d0:b9:70:95:55 was issued on by DigiCert Inc.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Tiffany and Co
Organization:
Tiffany and Co
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:0f:97:93:06:65:d7:de:16:f1:3b:d0:b9:70:95:55Serial Number (int): 4068642732602842004564338513791718741
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 3a:04:2b:a3:90:b9:1e:35:bd:7e:e5:ad:db:85:e8:2e:4d:a4:fc:9f
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 3d:1d:0d:8a:a4:2a:dc:45:c7:47:83:05:3c:ca:6b:48:71:17:29:85
Fingerprint (sha256): 41:31:8f:10:10:1e:84:03:f3:6a:6b:51:7c:42:14:9c:80:bb:5d:ee:87:77:6d:25:64:42:bd:7a:f0:5c:34:39
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate www.tiffany.com
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.tiffany.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.tiffany.com
be.tiffany.com
cdn.tiffany.com
dev-legacy-api.tiffany.com
dev-legacy-bo.tiffany.com
fonts.tiffany.com
fr.tiffany.ca
international.tiffany.com
legacy-api.tiffany.com
legacy-bo.tiffany.com
nl.tiffany.com
qa-legacy-api.tiffany.com
qa-legacy-bo.tiffany.com
tiffany.com
www.estore-tco.com
www.estore-tco.jp
www.salesservice.tiffany.com
www.tiffany.at
www.tiffany.cn
www.tiffany.com.au
www.tiffany.de
www.tiffany.es
www.tiffany.fr
www.tiffany.ie
www.tiffany.it
www.tiffany.kr
www.tiffanytrade.com
www.tiffanytrade.jp
www.tiffanywatches.com
www.zh.tiffany.com
be.tiffany.com
cdn.tiffany.com
dev-legacy-api.tiffany.com
dev-legacy-bo.tiffany.com
fonts.tiffany.com
fr.tiffany.ca
international.tiffany.com
legacy-api.tiffany.com
legacy-bo.tiffany.com
nl.tiffany.com
qa-legacy-api.tiffany.com
qa-legacy-bo.tiffany.com
tiffany.com
www.estore-tco.com
www.estore-tco.jp
www.salesservice.tiffany.com
www.tiffany.at
www.tiffany.cn
www.tiffany.com.au
www.tiffany.de
www.tiffany.es
www.tiffany.fr
www.tiffany.ie
www.tiffany.it
www.tiffany.kr
www.tiffanytrade.com
www.tiffanytrade.jp
www.tiffanywatches.com
www.zh.tiffany.com
Other certificates including the domain name tiffany.com
(limited to 100 certificates)
appointments.tiffany.com
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
enroll.tiffany.com
www.tiffany.es
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
enroll.tiffany.com
www.tiffany.es
Certificate
The complete raw certificate details for www.tiffany.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIszCCB5ugAwIBAgIQAw+XkwZl194W8TvQuXCVVTANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0yMzEyMTQwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMGYxCzAJBgNVBAYTAlVTMREw DwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFzAVBgNVBAoTDlRp ZmZhbnkgYW5kIENvMRgwFgYDVQQDEw93d3cudGlmZmFueS5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8HJBJJwUvCqqw9l18ftio4d6kjvWZWPuh vXb7y+8u/lI+xj9fdXO4eVAFCMIhNoHk8S2V0B7nos8EH7Mb1iJaXSyP6amXX/9A PsyZv2C6njOcdJtR3xyJj46rMAS6DpAFa63BZCvZyBc8u4sbGiwYUFdSKUdYBx3g R+b+m/pz7HCA+pYSY8X510Ga2MjWm35yDvxXKedicR9Faw8v+XSEgZ79Tb49Omtr zRx7WiRAgDAE7781qVlh53w0sijtcHJcqmXVUf0p4GO+1L3CFg3OC+anu5dGNiXI JT5nVto5SIyT+A87jLzB6WJswSYuRZ/sUV2+uOXA6M4r9HNsp3lnAgMBAAGjggVj MIIFXzAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQU OgQro5C5HjW9fuWt24XoLk2k/J8wggJkBgNVHREEggJbMIICV4IPd3d3LnRpZmZh bnkuY29tgg5iZS50aWZmYW55LmNvbYIPY2RuLnRpZmZhbnkuY29tghpkZXYtbGVn YWN5LWFwaS50aWZmYW55LmNvbYIZZGV2LWxlZ2FjeS1iby50aWZmYW55LmNvbYIR Zm9udHMudGlmZmFueS5jb22CDWZyLnRpZmZhbnkuY2GCGWludGVybmF0aW9uYWwu dGlmZmFueS5jb22CFmxlZ2FjeS1hcGkudGlmZmFueS5jb22CFWxlZ2FjeS1iby50 aWZmYW55LmNvbYIObmwudGlmZmFueS5jb22CGXFhLWxlZ2FjeS1hcGkudGlmZmFu eS5jb22CGHFhLWxlZ2FjeS1iby50aWZmYW55LmNvbYILdGlmZmFueS5jb22CEnd3 dy5lc3RvcmUtdGNvLmNvbYIRd3d3LmVzdG9yZS10Y28uanCCHHd3dy5zYWxlc3Nl cnZpY2UudGlmZmFueS5jb22CDnd3dy50aWZmYW55LmF0gg53d3cudGlmZmFueS5j boISd3d3LnRpZmZhbnkuY29tLmF1gg53d3cudGlmZmFueS5kZYIOd3d3LnRpZmZh bnkuZXOCDnd3dy50aWZmYW55LmZygg53d3cudGlmZmFueS5pZYIOd3d3LnRpZmZh bnkuaXSCDnd3dy50aWZmYW55LmtyghR3d3cudGlmZmFueXRyYWRlLmNvbYITd3d3 LnRpZmZhbnl0cmFkZS5qcIIWd3d3LnRpZmZhbnl3YXRjaGVzLmNvbYISd3d3Lnpo LnRpZmZhbnkuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEW G2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6AxoC+GLWh0 dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0UlNBQ0EyMDE4LmNybDB1Bggr BgEFBQcBAQRpMGcwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3Qu Y29tMD0GCCsGAQUFBzAChjFodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2Vv VHJ1c3RSU0FDQTIwMTguY3J0MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQC BIIBbwSCAWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB jGjx64IAAAQDAEcwRQIgXwrAPkJAU2Y3gHTm/B//Gi+JSjgaL7LqOIGxdXxUm+QC IQD5wU27jFy/tZCFoDALT+GipMmkGyugoJ/tQu95lVsUuAB3AEiw42vapkc0D+Vq AvqdMOscUgHLVt0sgdm7v6s52IRzAAABjGjx63wAAAQDAEgwRgIhANX0+fhI6BT3 6Ckr5P07k/NC99BeWS7gShSvvZGTCqoSAiEAoWWp3UUfLGUJaqb7ew5LOEwfUqP4 haDWuFe/TLaojg8AdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAA AYxo8etbAAAEAwBHMEUCIGz2hR/LYN01jJ6d2uT6J1SltS6oLvIV8O6byk46yGsB AiEA6GGp1seP3pzfnp2Ofkn0TefVWbHLvMYAX4E70bXUCNUwDQYJKoZIhvcNAQEL BQADggEBAGWiio0bKxR4pgcZYSlTdKgL5NaG997/kGy1TSC4vTsIIlguXkCG6n+2 yl0TqK7QP9+gUVt3f/G8atYKP2pOSIjJug/EVMcN/gHcEbwLo8CEnk+uhAqioScW S0/SRmAj/Hk99W/b+fHbHsu1rji/IurKsJKhPDD3uNcyaXpsTgNblawhbYZN4DBo VsNF5x/SL2bBnm1VUe8hzxfJw7djUwBkvPP9q+f7SjcN2Fjyb3HwDCynKwFpw0IK U7fr5WFQCsQeeIebXmos1DR+qaFjOF4J15P3ifiTJa0ngWBXA768nDGBLiZ7galC C9qco2+KKjMhZRZzYUnEqjmMz9EqvW0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvByQSScFLwqqsPZdfH7Y qOHepI71mVj7ob12+8vvLv5SPsY/X3VzuHlQBQjCITaB5PEtldAe56LPBB+zG9Yi Wl0sj+mpl1//QD7Mmb9gup4znHSbUd8ciY+OqzAEug6QBWutwWQr2cgXPLuLGxos GFBXUilHWAcd4Efm/pv6c+xwgPqWEmPF+ddBmtjI1pt+cg78VynnYnEfRWsPL/l0 hIGe/U2+PTpra80ce1okQIAwBO+/NalZYed8NLIo7XByXKpl1VH9KeBjvtS9whYN zgvmp7uXRjYlyCU+Z1baOUiMk/gPO4y8welibMEmLkWf7FFdvrjlwOjOK/RzbKd5 ZwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4068642732602842004564338513791718741 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tiffany and Co' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.tiffany.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23746886577740053376937043561726691530388568498837091792980874894672322907600603392807113861189338036453617868966493552832716880611723698756341032055817604728568566974857250863265415433898286988084393200350100550122559724606724931347722996285442117929378730124049111822438501498843705157536125052517645800814061845019509201990582263151879989158433240880606854151458877840859586430492638938901243918679243100634471621726172639412727147232068105860923958498852981430659730646593418956383915076890524894904655489851260412271765618369219637272292011434875368349214800695581274414862435924939441974509437453793548921436519 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3a042ba390b91e35bd7ee5addb85e82e4da4fc9f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'be.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-legacy-api.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-legacy-bo.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fonts.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr.tiffany.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'international.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy-api.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy-bo.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-legacy-api.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-legacy-bo.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.estore-tco.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.estore-tco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.salesservice.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.ie' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanytrade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanytrade.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanywatches.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zh.tiffany.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c68f1eb82000004030047304502205f0ac03e42405366378074e6fc1fff1a2f894a381a2fb2ea3881b1757c549be4022100f9c14dbb8c5cbfb59085a0300b4fe1a2a4c9a41b2ba0a09fed42ef79955b14b800770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c68f1eb7c0000040300483046022100d5f4f9f848e814f7e8292be4fd3b93f342f7d05e592ee04a14afbd91930aaa12022100a165a9dd451f2c65096aa6fb7b0e4b384c1f52a3f885a0d6b857bf4cb6a88e0f007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c68f1eb5b000004030047304502206cf6851fcb60dd358c9e9ddae4fa2754a5b52ea82ef215f0ee9bca4e3ac86b01022100e861a9d6c78fde9cdf9e9d8e7e49f44de7d559b1cbbcc6005f813bd1b5d408d5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0065a28a8d1b2b1478a6071961295374a80be4d686f7deff906cb54d20b8bd3b0822582e5e4086ea7fb6ca5d13a8aed03fdfa0515b777ff1bc6ad60a3f6a4e4888c9ba0fc454c70dfe01dc11bc0ba3c0849e4fae840aa2a127164b4fd2466023fc793df56fdbf9f1db1ecbb5ae38bf22eacab092a13c30f7b8d732697a6c4e035b95ac216d864de0306856c345e71fd22f66c19e6d5551ef21cf17c9c3b763530064bcf3fdabe7fb4a370dd858f26f71f00c2ca72b0169c3420a53b7ebe561500ac41e78879b5e6a2cd4347ea9a163385e09d793f789f89325ad2781605703bebc9c31812e267b81a9420bda9ca36f8a2a33216516736149c4aa398ccfd12abd6d