www.heavenhr.com
- HeavenHR GmbH -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 08:1d:5a:1c:f5:f7:7f:fe:4a:a1:d5:33:61:95:21:68 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
HeavenHR GmbH
Company registration number:
HRB 167992
Organization: HeavenHR GmbH
Organization: HeavenHR GmbH
Locality:
Berlin
Country: DE
Country: DE
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:1d:5a:1c:f5:f7:7f:fe:4a:a1:d5:33:61:95:21:68Serial Number (int): 10786228286552752549265937005242818920
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: b1:bc:32:85:74:b7:58:84:69:0e:2a:06:bf:9f:ed:56:55:25:1c:30
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 09:bf:8a:f5:c5:cf:a6:9b:a9:84:c0:c3:13:5e:50:bf:e7:da:f6:77
Fingerprint (sha256): 41:98:07:43:d1:1a:d8:21:d4:08:4b:09:f0:f5:bd:75:cd:26:7f:fa:c0:cd:67:9c:cf:89:ae:a2:e2:b0:fd:54
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate www.heavenhr.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.heavenhr.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
heavenhr.com
www.heavenhr.com
www.heavenhr.com
Other certificates including the domain name heavenhr.com
(limited to 100 certificates)
tls.automattic.com
tls.automattic.com
support.qualityspa.fr
*.staging.heavenhr.com
staff.ncchomelearning.co.uk
www.heavenhr.com
tls.automattic.com
help.morewithproject.com
*.heavenhr.com
*.preprod.heavenhr.com
www.heavenhr.com
www.heavenhr.com
www.heavenhr.com
tls.automattic.com
desk.heavenhr.de
*.heavenhr.com
www.heavenhr.com
incapsula.com
*.integration.heavenhr.com
www.heavenhr.com
www.heavenhr.com
tls.automattic.com
incapsula.com
support.xpence.uk
support.checkpointsolutions.co.uk
*.heavenhr.com
*.heavenhr.com
www.heavenhr.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
*.integration.heavenhr.com
*.heavenhr.com
www.heavenhr.com
tls.automattic.com
*.staging.heavenhr.com
incapsula.com
tls.automattic.com
www.heavenhr.com
tls.automattic.com
support.xpence.uk
incapsula.com
tls.automattic.com
tls.automattic.com
www.heavenhr.com
tls.automattic.com
tls.automattic.com
support.wowing.io
*.heavenhr.com
tls.automattic.com
www.heavenhr.com
www.heavenhr.com
*.heavenhr.com
www.heavenhr.com
*.preprod.heavenhr.com
tls.automattic.com
tls.automattic.com
support-test.flocash.com
*.staging.heavenhr.com
lohngenau.heavenhr.com
tls.automattic.com
payment.heavenhr.com
support.xpence.uk
tls.automattic.com
*.heavenhr.com
www.heavenhr.com
incapsula.com
tls.automattic.com
tls.automattic.com
*.staging.heavenhr.com
www.heavenhr.com
*.heavenhr.com
tls.automattic.com
tls.automattic.com
porr.idealgrupa.pl
soporte.blancoseguros.es
tls.automattic.com
tls.automattic.com
support.qualityspa.fr
*.staging.heavenhr.com
staff.ncchomelearning.co.uk
www.heavenhr.com
tls.automattic.com
help.morewithproject.com
*.heavenhr.com
*.preprod.heavenhr.com
www.heavenhr.com
www.heavenhr.com
www.heavenhr.com
tls.automattic.com
desk.heavenhr.de
*.heavenhr.com
www.heavenhr.com
incapsula.com
*.integration.heavenhr.com
www.heavenhr.com
www.heavenhr.com
tls.automattic.com
incapsula.com
support.xpence.uk
support.checkpointsolutions.co.uk
*.heavenhr.com
*.heavenhr.com
www.heavenhr.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
*.integration.heavenhr.com
*.heavenhr.com
www.heavenhr.com
tls.automattic.com
*.staging.heavenhr.com
incapsula.com
tls.automattic.com
www.heavenhr.com
tls.automattic.com
support.xpence.uk
incapsula.com
tls.automattic.com
tls.automattic.com
www.heavenhr.com
tls.automattic.com
tls.automattic.com
support.wowing.io
*.heavenhr.com
tls.automattic.com
www.heavenhr.com
www.heavenhr.com
*.heavenhr.com
www.heavenhr.com
*.preprod.heavenhr.com
tls.automattic.com
tls.automattic.com
support-test.flocash.com
*.staging.heavenhr.com
lohngenau.heavenhr.com
tls.automattic.com
payment.heavenhr.com
support.xpence.uk
tls.automattic.com
*.heavenhr.com
www.heavenhr.com
incapsula.com
tls.automattic.com
tls.automattic.com
*.staging.heavenhr.com
www.heavenhr.com
*.heavenhr.com
tls.automattic.com
tls.automattic.com
porr.idealgrupa.pl
soporte.blancoseguros.es
tls.automattic.com
Certificate
The complete raw certificate details for www.heavenhr.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2DCCBcCgAwIBAgIQCB1aHPX3f/5KodUzYZUhaDANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDQxNjAwMDAwMFoXDTIxMDQyMjEy MDAwMFowgdQxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAkRFMRcwFQYLKwYBBAGCNzwCAQITBkJlcmxpbjEfMB0GCysGAQQB gjc8AgEBEw5DaGFybG90dGVuYnVyZzETMBEGA1UEBRMKSFJCIDE2Nzk5MjELMAkG A1UEBhMCREUxDzANBgNVBAcTBkJlcmxpbjEWMBQGA1UEChMNSGVhdmVuSFIgR21i SDEZMBcGA1UEAxMQd3d3LmhlYXZlbmhyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAMTXUAJw3BvC4GW5NZrbogOu+yLaf1zCtDwCMb9EdRXerafQ 45s/+hMNqTulJCwnv/7Pxf0vexWQnh+mUnyIkcSX+ik64V1ZOvrJkag0k6eB1nFY WgCLrrure6Zy9eqTrrAq6ytdZCrEJgHZkhJR5nUiEhCRWadjfph8vk754cOPs8KR OdYtdD6aEybVRSJO+8g8U6tY0x3anTgXs/ALZYqLcPBX48Ayvrtcm8GMRv+IvPBQ SJOG4ZwM9d3jPsDywwmeAe5+TfCs+Hs5wnFzhhP5+eAyXK0srLlH/VBtePQnxdeT 1KkxkN8nICEtNV1oIbm1rkp/9N4oQp0VLziVjHMCAwEAAaOCAwIwggL+MB8GA1Ud IwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBSxvDKFdLdYhGkO Kga/n+1WVSUcMDApBgNVHREEIjAgggxoZWF2ZW5oci5jb22CEHd3dy5oZWF2ZW5o ci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20v c2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2Vy dC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9 bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw BwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29j c3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdp Y2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0Eu Y3J0MAwGA1UdEwEB/wQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgB9PvL4 j/+IVWgkwsDKnlKJeSvFDngJfy5ql2iZfiLw1wAAAXGB7DGIAAAEAwBHMEUCIFWE a8EzXTDdzVQJ8+y1TSjdVOMFw3seCx+6igP721P2AiEA8JkLPw3pzAKazMIJhvZV aMth5+1u84EocJkR6B7EKWUAdQBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m 9scOygAAAXGB7DFpAAAEAwBGMEQCIHuAR3SLHIv5tVfTsCoIg//oS2q4wwnDNpq+ QeInS7JpAiATfedFkCq36GnuuvDvGHyhrH2vkCPlaVwd2ugOgqtE+jANBgkqhkiG 9w0BAQsFAAOCAQEAZxs4SPaAIxW9VaCE3pI6bVQHUj9q8i41MvCpfAeZIKNGyHzy pnHz/ks+2YpPjHN3WUWj9sLA/RvJMF/KLnGdSIVP+v2PlFNW6UlJu/0O0UTk5aqq svHql8/tZIhpcA/oEh4GAc7miaEE//nqt9XliSVKbuI1dpL34dVB8GDCczDXWeE5 XgpnQL7SUBqlgdVZR15DSTQKDqw0hCnjt/IJo4VTvtAKBoR6lvvWY0oRCSEa7kEb b0cS4WV4ONHCX6tcOzGO2WRVIwW8pKD+gVHuwU9/+tQJnceHE6lWi+bDpf+jt0gW FT61bLgMbhZiHMD6v47K5h2ltVZb3/m2FyU0sg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNdQAnDcG8LgZbk1mtui A677Itp/XMK0PAIxv0R1Fd6tp9Djmz/6Ew2pO6UkLCe//s/F/S97FZCeH6ZSfIiR xJf6KTrhXVk6+smRqDSTp4HWcVhaAIuuu6t7pnL16pOusCrrK11kKsQmAdmSElHm dSISEJFZp2N+mHy+Tvnhw4+zwpE51i10PpoTJtVFIk77yDxTq1jTHdqdOBez8Atl iotw8FfjwDK+u1ybwYxG/4i88FBIk4bhnAz13eM+wPLDCZ4B7n5N8Kz4eznCcXOG E/n54DJcrSysuUf9UG149CfF15PUqTGQ3ycgIS01XWghubWuSn/03ihCnRUvOJWM cwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10786228286552752549265937005242818920 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-22 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Charlottenburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRB 167992' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HeavenHR GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.heavenhr.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24848882342643165335916587338121845198004292316507091090449931381832523472782808195305828942224193368375394614664674708376086554326875358963261129842760773682125916070198663603818418450842011209527887485454400636751486525294013558966116708827960581954101432013248105576282387328981795266918244830708741234026959160484034491638944532926214316618918591217809474102873413831581489617486001737279349537418980961668151823897649160630449621395827593398600332506779866295192059218547330209822704090556385635366179949057949548440609593330541474727211373258312303312531820288620814969283725353139497810184391271115008683379827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b1bc328574b75884690e2a06bf9fed5655251c30 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heavenhr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.heavenhr.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d70000017181ec31880000040300473045022055846bc1335d30ddcd5409f3ecb54d28dd54e305c37b1e0b1fba8a03fbdb53f6022100f0990b3f0de9cc029accc20986f65568cb61e7ed6ef38128709911e81ec429650075005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000017181ec3169000004030046304402207b8047748b1c8bf9b557d3b02a0883ffe84b6ab8c309c3369abe41e2274bb2690220137de745902ab7e869eebaf0ef187ca1ac7daf9023e5695c1ddae80e82ab44fa . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00671b3848f6802315bd55a084de923a6d5407523f6af22e3532f0a97c079920a346c87cf2a671f3fe4b3ed98a4f8c73775945a3f6c2c0fd1bc9305fca2e719d48854ffafd8f945356e94949bbfd0ed144e4e5aaaab2f1ea97cfed648869700fe8121e0601cee689a104fff9eab7d5e589254a6ee2357692f7e1d541f060c27330d759e1395e0a6740bed2501aa581d559475e4349340a0eac348429e3b7f209a38553bed00a06847a96fbd6634a1109211aee411b6f4712e1657838d1c25fab5c3b318ed964552305bca4a0fe8151eec14f7ffad4099dc78713a9568be6c3a5ffa3b74816153eb56cb80c6e16621cc0fabf8ecae61da5b5565bdff9b6172534b2