*.icebreaker.com

- Icebreaker Holdings -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0a:6a:00:00:e2:d8:27:02:81:fb:19:99:b7:bf:af:f1 was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Icebreaker Holdings

Organization: Icebreaker Holdings
Locality: Auckland
Country: NZ

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0a:6a:00:00:e2:d8:27:02:81:fb:19:99:b7:bf:af:f1
Serial Number (int): 13842663495058774872875476708870828017
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 26:df:6c:1b:b5:d0:3b:25:16:84:15:3d:f7:64:28:db:12:79:f0:c9
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): b7:54:f6:d8:d4:96:16:d6:bc:b3:27:08:a7:62:3e:99:2e:d5:b8:37
Fingerprint (sha256): 42:91:6b:84:ff:9c:cc:80:d4:25:7f:86:09:8e:9e:99:57:73:f5:bc:f4:a3:5b:37:06:b4:7e:d3:b7:4a:02:38

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate *.icebreaker.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.icebreaker.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.icebreaker.com
www.icebreaker.com
icebreaker.com

Other certificates including the domain name icebreaker.com

(limited to 100 certificates)
ithelpdesk.endologix.com
link.icebreaker.com
ssl417474.cloudflaressl.com
helpdesk.enableinjections.com
sipca.icebreaker.com
helpdesk.dpsgroupglobal.com
icebreaker.com
*.icebreaker.com
secure.icebreaker.com
nhmail.icebreaker.com
sales.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
ssl417476.cloudflaressl.com
support.unpri.org
southernchronicles.icebreaker.com
mail.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
ithelpdesk.endologix.com
shmail.icebreaker.com
ssl417474.cloudflaressl.com
southernchronicles.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
sipca.icebreaker.com
ICEBREAKER.COM
secure.icebreaker.com
sts.icebreaker.com
helpdesk.dpsgroupglobal.com
*.icebreaker.com
link3.icebreaker.com
*.icebreaker.com
secure.icebreaker.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
ssl417475.cloudflaressl.com
*.icebreaker.com
shmail.icebreaker.com
support.unpri.org
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
link.icebreaker.com
*.icebreaker.com
link3.icebreaker.com
mail.icebreaker.com
support.unpri.org
*.icebreaker.com
ithelpdesk.endologix.com
ssl417474.cloudflaressl.com
ithelpdesk.endologix.com
image.icebreaker.com
ssl417475.cloudflaressl.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
southernchronicles.icebreaker.com
ssl417474.cloudflaressl.com
*.icebreaker.com
southernchronicles.icebreaker.com
tbancs.icebreaker.com
ssl417476.cloudflaressl.com
*.icebreaker.com
preferences.icebreaker.com
*.icebreaker.com
*.icebreaker.com
ssl417474.cloudflaressl.com
support.unpri.org
sts.icebreaker.com
southernchronicles.icebreaker.com
helpdesk.dpsgroupglobal.com
ithelpdesk.endologix.com
secure.icebreaker.com
preferences.icebreaker.com
helpdesk.dpsgroupglobal.com
southernchronicles.icebreaker.com
servicedesk.acdlabs.com
southernchronicles.icebreaker.com
*.icebreaker.com
sts.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
as2.icebreaker.com
secure.icebreaker.com
*.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
secure.icebreaker.com
ithelpdesk.endologix.com
ssl417475.cloudflaressl.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
support.unpri.org
servicedesk.smcm.edu
helpdesk.icebreaker.com
ithelpdesk.endologix.com
tbancs.icebreaker.com
helpdesk.enableinjections.com
*.icebreaker.com

Certificate

The complete raw certificate details for *.icebreaker.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH7jCCBtagAwIBAgIQCmoAAOLYJwKB+xmZt7+v8TANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw
NDIyMDAwMDAwWhcNMjUwNTA4MjM1OTU5WjBZMQswCQYDVQQGEwJOWjERMA8GA1UE
BxMIQXVja2xhbmQxHDAaBgNVBAoTE0ljZWJyZWFrZXIgSG9sZGluZ3MxGTAXBgNV
BAMMECouaWNlYnJlYWtlci5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCgPmmPUKdPlUBGL353nMq7Duu//biXM1qaz8HsPn89GZRmdgEgvSHObkqi
mA/qJiJezKO3xhvxEuQ65xz6LSv5q/DxA4uUY6MXpxeuDopjr3FJdfKQahcgAi8X
kZkoJq3AB2ACuqdE2AgS84TdsYdRMcnAoF+EB35YupnxmoJCLz7z+ATC1F76QqIt
noD6i3WXiYzZmw+m+ntcKhsXrRHGgyOoKb0igXuJyUVKjtHkoDKwNYgYu0t1OWgZ
T+VDvIbuSwK0q3TWdKE6NPfvsCaqybfh1/77EAkvuNoGBDE5YGhslYvBztNBR9ss
/8otkfqb4MOFLi2rAR55VChOwtWx1ouCYE9Cgv7grlfIV6e3QuAToGCKJeh0OGgO
UMqe29tmYtpxWh4tVlRLB3FMcZ7c4W8A9KEbJkZBs7UawsQu2qdBnRLKrTqtEgxT
KhD7kkTCs0Bp+POZX8o0m3Lh29mBPLAty37Noxv8m55lGHxbRZjtm08vsqzQ3JAy
fSvIZPChf+mIBteD/L9VwaVIj13vVUZYNzgRzkKHTxbYV78A6Ge1TFTxEigjZvTy
Y+Tq/bdeu7xH2mXaH6wkl0dF7bRqmso6hqWjG3S8X6esNSJQ6nmV4Z1oJ0ZXd6qJ
kW7+1l8ZARFbIDOUSeZiC6kqJCKvypVr2zDQpzjS6Ff5uQmTOwIDAQABo4IDsDCC
A6wwHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcwHQYDVR0OBBYEFCbf
bBu10DslFoQVPfdkKNsSefDJMD8GA1UdEQQ4MDaCECouaWNlYnJlYWtlci5jb22C
End3dy5pY2VicmVha2VyLmNvbYIOaWNlYnJlYWtlci5jb20wPgYDVR0gBDcwNTAz
BgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20v
Q1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29t
L0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3JsMEigRqBE
hkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JT
QVNIQTI1NjIwMjBDQTEtMS5jcmwwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8v
Y2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1
NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFu
BIIBagFoAHUATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPA68n
VwAABAMARjBEAiArhkafKPpGQQHUKS1Xv9l3LxmmeN7PC/QZ+O2/E+JregIgNxYf
rn+NkM224tZD+epG18lF08+kJHynuVLMTC40sHQAdgB9WR4S4XgqexxhZ3xe/fjQ
h1wUoE6VnrkDL9kOjC55uAAAAY8DryeRAAAEAwBHMEUCIQDv3HWbMk7YCcgZDZ8F
CsUlaqlK3KjguMhHn1H1Ovj3eAIgYm3FfJEyGGgVO770yFsfE9KWitGwVkkGo723
2N1SZ+cAdwDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY8Dryeq
AAAEAwBIMEYCIQDPK1RxwJ2z+FjFPH9UDhlCCXz0HvTCK/3e0Z+UUzcWkAIhAODt
EW7upLOD4Z/Hb/8o5EaPMJ649TG6eQb04B2zI3zaMA0GCSqGSIb3DQEBCwUAA4IB
AQB8ott6Q45Ul13Vuae7IVArKpfLCuwhL8pl3c5DkcOsEInrX53Kj02zxh83K53/
vbHNrTcA/T0stMWCLXYQ6f4RENwyliFMcFtjKgZGu/vLWz9LzxQBpZ+PlTbBMAQI
qxiLzQKNyOZZk4NP77dG8q4ikueg4NpKnLLNiKnc/MKbb43tWmJ7Ba942U+EqA45
KmqeqleD1chguGExIDRgFd8A+kR1w5L973VMrHTCDX4jbwt8tfUbH+a0vRymgqWs
Mw2fW/3AL71NzMPXKJL5m2XUz48XSKIwrw8xqn1MM+gErYplZbREZ3aLW6H7Bfni
DXbF/nRCtV9NOcLkqfmNKT2/
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoD5pj1CnT5VARi9+d5zK
uw7rv/24lzNams/B7D5/PRmUZnYBIL0hzm5KopgP6iYiXsyjt8Yb8RLkOucc+i0r
+avw8QOLlGOjF6cXrg6KY69xSXXykGoXIAIvF5GZKCatwAdgArqnRNgIEvOE3bGH
UTHJwKBfhAd+WLqZ8ZqCQi8+8/gEwtRe+kKiLZ6A+ot1l4mM2ZsPpvp7XCobF60R
xoMjqCm9IoF7iclFSo7R5KAysDWIGLtLdTloGU/lQ7yG7ksCtKt01nShOjT377Am
qsm34df++xAJL7jaBgQxOWBobJWLwc7TQUfbLP/KLZH6m+DDhS4tqwEeeVQoTsLV
sdaLgmBPQoL+4K5XyFent0LgE6BgiiXodDhoDlDKntvbZmLacVoeLVZUSwdxTHGe
3OFvAPShGyZGQbO1GsLELtqnQZ0Syq06rRIMUyoQ+5JEwrNAafjzmV/KNJty4dvZ
gTywLct+zaMb/JueZRh8W0WY7ZtPL7Ks0NyQMn0ryGTwoX/piAbXg/y/VcGlSI9d
71VGWDc4Ec5Ch08W2Fe/AOhntUxU8RIoI2b08mPk6v23Xru8R9pl2h+sJJdHRe20
aprKOoaloxt0vF+nrDUiUOp5leGdaCdGV3eqiZFu/tZfGQERWyAzlEnmYgupKiQi
r8qVa9sw0Kc40uhX+bkJkzsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13842663495058774872875476708870828017
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Auckland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Icebreaker Holdings'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.icebreaker.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 653737660825224020343246850129071155750906404220814735067861456311740110695640074715150842765505703245988272453711829977984571016666552525524878533319241260247426095966214931876425343771241958970612847541893832443749426075270740511348820375765046929615876669254230008076352298085845472344858289430646786704641805719292147957310114514463397160900727040200381138455033881841550818604229240579092825922390841552702051601763861626939026841774222915984793194267618826849553617175714033301279832703965726303354857976813378589081106924977875681812719864792163578812506289427775121733189814274757336967992661762390221684323507798728626755316348721078846201963537995545852703743365735218372135738113227875738117391729123974620997320553197005547048316579549535471386586175066765736870689682879535313092242726141891516901861618001397716853566028499563056051202678748471798678718123339193385918029693348620897443811542881822399781295853852190598450054877345972524542975040178182831475256027126207093463519586067176029907434499091391953998254911542125078039687852153118658232569526479937697637739107072739605696412410123807755333448722279849248801170269627342179204915635526248979845041951813125887713337086622019559059402160889665788505414538043
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							26df6c1bb5d03b251684153df76428db1279f0c9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icebreaker.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f03af2757000004030046304402202b86469f28fa464101d4292d57bfd9772f19a678decf0bf419f8edbf13e26b7a022037161fae7f8d90cdb6e2d643f9ea46d7c945d3cfa4247ca7b952cc4c2e34b0740076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f03af27910000040300473045022100efdc759b324ed809c8190d9f050ac5256aa94adca8e0b8c8479f51f53af8f7780220626dc57c91321868153bbef4c85b1f13d2968ad1b0564906a3bdb7d8dd5267e7007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f03af27aa0000040300483046022100cf2b5471c09db3f858c53c7f540e1942097cf41ef4c22bfdded19f9453371690022100e0ed116eeea4b383e19fc76fff28e4468f309eb8f531ba7906f4e01db3237cda
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007ca2db7a438e54975dd5b9a7bb21502b2a97cb0aec212fca65ddce4391c3ac1089eb5f9dca8f4db3c61f372b9dffbdb1cdad3700fd3d2cb4c5822d7610e9fe1110dc3296214c705b632a0646bbfbcb5b3f4bcf1401a59f8f9536c1300408ab188bcd028dc8e65993834fefb746f2ae2292e7a0e0da4a9cb2cd88a9dcfcc29b6f8ded5a627b05af78d94f84a80e392a6a9eaa5783d5c860b8613120346015df00fa4475c392fdef754cac74c20d7e236f0b7cb5f51b1fe6b4bd1ca682a5ac330d9f5bfdc02fbd4dccc3d72892f99b65d4cf8f1748a230af0f31aa7d4c33e804ad8a6565b44467768b5ba1fb05f9e20d76c5fe7442b55f4d39c2e4a9f98d293dbf