*.icebreaker.com
- Icebreaker Holdings -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0a:6a:00:00:e2:d8:27:02:81:fb:19:99:b7:bf:af:f1 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Icebreaker Holdings
Organization:
Icebreaker Holdings
Locality:
Auckland
Country: NZ
Country: NZ
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:6a:00:00:e2:d8:27:02:81:fb:19:99:b7:bf:af:f1Serial Number (int): 13842663495058774872875476708870828017
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 26:df:6c:1b:b5:d0:3b:25:16:84:15:3d:f7:64:28:db:12:79:f0:c9
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): b7:54:f6:d8:d4:96:16:d6:bc:b3:27:08:a7:62:3e:99:2e:d5:b8:37
Fingerprint (sha256): 42:91:6b:84:ff:9c:cc:80:d4:25:7f:86:09:8e:9e:99:57:73:f5:bc:f4:a3:5b:37:06:b4:7e:d3:b7:4a:02:38
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate *.icebreaker.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.icebreaker.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.icebreaker.com
www.icebreaker.com
icebreaker.com
www.icebreaker.com
icebreaker.com
Other certificates including the domain name icebreaker.com
(limited to 100 certificates)
ithelpdesk.endologix.com
link.icebreaker.com
ssl417474.cloudflaressl.com
helpdesk.enableinjections.com
sipca.icebreaker.com
helpdesk.dpsgroupglobal.com
icebreaker.com
*.icebreaker.com
secure.icebreaker.com
nhmail.icebreaker.com
sales.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
ssl417476.cloudflaressl.com
support.unpri.org
southernchronicles.icebreaker.com
mail.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
ithelpdesk.endologix.com
shmail.icebreaker.com
ssl417474.cloudflaressl.com
southernchronicles.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
sipca.icebreaker.com
ICEBREAKER.COM
secure.icebreaker.com
sts.icebreaker.com
helpdesk.dpsgroupglobal.com
*.icebreaker.com
link3.icebreaker.com
*.icebreaker.com
secure.icebreaker.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
ssl417475.cloudflaressl.com
*.icebreaker.com
shmail.icebreaker.com
support.unpri.org
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
link.icebreaker.com
*.icebreaker.com
link3.icebreaker.com
mail.icebreaker.com
support.unpri.org
*.icebreaker.com
ithelpdesk.endologix.com
ssl417474.cloudflaressl.com
ithelpdesk.endologix.com
image.icebreaker.com
ssl417475.cloudflaressl.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
southernchronicles.icebreaker.com
ssl417474.cloudflaressl.com
*.icebreaker.com
southernchronicles.icebreaker.com
tbancs.icebreaker.com
ssl417476.cloudflaressl.com
*.icebreaker.com
preferences.icebreaker.com
*.icebreaker.com
*.icebreaker.com
ssl417474.cloudflaressl.com
support.unpri.org
sts.icebreaker.com
southernchronicles.icebreaker.com
helpdesk.dpsgroupglobal.com
ithelpdesk.endologix.com
secure.icebreaker.com
preferences.icebreaker.com
helpdesk.dpsgroupglobal.com
southernchronicles.icebreaker.com
servicedesk.acdlabs.com
southernchronicles.icebreaker.com
*.icebreaker.com
sts.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
as2.icebreaker.com
secure.icebreaker.com
*.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
secure.icebreaker.com
ithelpdesk.endologix.com
ssl417475.cloudflaressl.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
support.unpri.org
servicedesk.smcm.edu
helpdesk.icebreaker.com
ithelpdesk.endologix.com
tbancs.icebreaker.com
helpdesk.enableinjections.com
*.icebreaker.com
link.icebreaker.com
ssl417474.cloudflaressl.com
helpdesk.enableinjections.com
sipca.icebreaker.com
helpdesk.dpsgroupglobal.com
icebreaker.com
*.icebreaker.com
secure.icebreaker.com
nhmail.icebreaker.com
sales.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
ssl417476.cloudflaressl.com
support.unpri.org
southernchronicles.icebreaker.com
mail.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
ithelpdesk.endologix.com
shmail.icebreaker.com
ssl417474.cloudflaressl.com
southernchronicles.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
sipca.icebreaker.com
ICEBREAKER.COM
secure.icebreaker.com
sts.icebreaker.com
helpdesk.dpsgroupglobal.com
*.icebreaker.com
link3.icebreaker.com
*.icebreaker.com
secure.icebreaker.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
ssl417475.cloudflaressl.com
*.icebreaker.com
shmail.icebreaker.com
support.unpri.org
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
link.icebreaker.com
*.icebreaker.com
link3.icebreaker.com
mail.icebreaker.com
support.unpri.org
*.icebreaker.com
ithelpdesk.endologix.com
ssl417474.cloudflaressl.com
ithelpdesk.endologix.com
image.icebreaker.com
ssl417475.cloudflaressl.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
southernchronicles.icebreaker.com
ssl417474.cloudflaressl.com
*.icebreaker.com
southernchronicles.icebreaker.com
tbancs.icebreaker.com
ssl417476.cloudflaressl.com
*.icebreaker.com
preferences.icebreaker.com
*.icebreaker.com
*.icebreaker.com
ssl417474.cloudflaressl.com
support.unpri.org
sts.icebreaker.com
southernchronicles.icebreaker.com
helpdesk.dpsgroupglobal.com
ithelpdesk.endologix.com
secure.icebreaker.com
preferences.icebreaker.com
helpdesk.dpsgroupglobal.com
southernchronicles.icebreaker.com
servicedesk.acdlabs.com
southernchronicles.icebreaker.com
*.icebreaker.com
sts.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
as2.icebreaker.com
secure.icebreaker.com
*.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
secure.icebreaker.com
ithelpdesk.endologix.com
ssl417475.cloudflaressl.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
support.unpri.org
servicedesk.smcm.edu
helpdesk.icebreaker.com
ithelpdesk.endologix.com
tbancs.icebreaker.com
helpdesk.enableinjections.com
*.icebreaker.com
Certificate
The complete raw certificate details for *.icebreaker.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH7jCCBtagAwIBAgIQCmoAAOLYJwKB+xmZt7+v8TANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw NDIyMDAwMDAwWhcNMjUwNTA4MjM1OTU5WjBZMQswCQYDVQQGEwJOWjERMA8GA1UE BxMIQXVja2xhbmQxHDAaBgNVBAoTE0ljZWJyZWFrZXIgSG9sZGluZ3MxGTAXBgNV BAMMECouaWNlYnJlYWtlci5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQCgPmmPUKdPlUBGL353nMq7Duu//biXM1qaz8HsPn89GZRmdgEgvSHObkqi mA/qJiJezKO3xhvxEuQ65xz6LSv5q/DxA4uUY6MXpxeuDopjr3FJdfKQahcgAi8X kZkoJq3AB2ACuqdE2AgS84TdsYdRMcnAoF+EB35YupnxmoJCLz7z+ATC1F76QqIt noD6i3WXiYzZmw+m+ntcKhsXrRHGgyOoKb0igXuJyUVKjtHkoDKwNYgYu0t1OWgZ T+VDvIbuSwK0q3TWdKE6NPfvsCaqybfh1/77EAkvuNoGBDE5YGhslYvBztNBR9ss /8otkfqb4MOFLi2rAR55VChOwtWx1ouCYE9Cgv7grlfIV6e3QuAToGCKJeh0OGgO UMqe29tmYtpxWh4tVlRLB3FMcZ7c4W8A9KEbJkZBs7UawsQu2qdBnRLKrTqtEgxT KhD7kkTCs0Bp+POZX8o0m3Lh29mBPLAty37Noxv8m55lGHxbRZjtm08vsqzQ3JAy fSvIZPChf+mIBteD/L9VwaVIj13vVUZYNzgRzkKHTxbYV78A6Ge1TFTxEigjZvTy Y+Tq/bdeu7xH2mXaH6wkl0dF7bRqmso6hqWjG3S8X6esNSJQ6nmV4Z1oJ0ZXd6qJ kW7+1l8ZARFbIDOUSeZiC6kqJCKvypVr2zDQpzjS6Ff5uQmTOwIDAQABo4IDsDCC A6wwHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcwHQYDVR0OBBYEFCbf bBu10DslFoQVPfdkKNsSefDJMD8GA1UdEQQ4MDaCECouaWNlYnJlYWtlci5jb22C End3dy5pY2VicmVha2VyLmNvbYIOaWNlYnJlYWtlci5jb20wPgYDVR0gBDcwNTAz BgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20v Q1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29t L0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3JsMEigRqBE hkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JT QVNIQTI1NjIwMjBDQTEtMS5jcmwwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcw AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8v Y2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1 NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFu BIIBagFoAHUATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPA68n VwAABAMARjBEAiArhkafKPpGQQHUKS1Xv9l3LxmmeN7PC/QZ+O2/E+JregIgNxYf rn+NkM224tZD+epG18lF08+kJHynuVLMTC40sHQAdgB9WR4S4XgqexxhZ3xe/fjQ h1wUoE6VnrkDL9kOjC55uAAAAY8DryeRAAAEAwBHMEUCIQDv3HWbMk7YCcgZDZ8F CsUlaqlK3KjguMhHn1H1Ovj3eAIgYm3FfJEyGGgVO770yFsfE9KWitGwVkkGo723 2N1SZ+cAdwDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY8Dryeq AAAEAwBIMEYCIQDPK1RxwJ2z+FjFPH9UDhlCCXz0HvTCK/3e0Z+UUzcWkAIhAODt EW7upLOD4Z/Hb/8o5EaPMJ649TG6eQb04B2zI3zaMA0GCSqGSIb3DQEBCwUAA4IB AQB8ott6Q45Ul13Vuae7IVArKpfLCuwhL8pl3c5DkcOsEInrX53Kj02zxh83K53/ vbHNrTcA/T0stMWCLXYQ6f4RENwyliFMcFtjKgZGu/vLWz9LzxQBpZ+PlTbBMAQI qxiLzQKNyOZZk4NP77dG8q4ikueg4NpKnLLNiKnc/MKbb43tWmJ7Ba942U+EqA45 KmqeqleD1chguGExIDRgFd8A+kR1w5L973VMrHTCDX4jbwt8tfUbH+a0vRymgqWs Mw2fW/3AL71NzMPXKJL5m2XUz48XSKIwrw8xqn1MM+gErYplZbREZ3aLW6H7Bfni DXbF/nRCtV9NOcLkqfmNKT2/ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoD5pj1CnT5VARi9+d5zK uw7rv/24lzNams/B7D5/PRmUZnYBIL0hzm5KopgP6iYiXsyjt8Yb8RLkOucc+i0r +avw8QOLlGOjF6cXrg6KY69xSXXykGoXIAIvF5GZKCatwAdgArqnRNgIEvOE3bGH UTHJwKBfhAd+WLqZ8ZqCQi8+8/gEwtRe+kKiLZ6A+ot1l4mM2ZsPpvp7XCobF60R xoMjqCm9IoF7iclFSo7R5KAysDWIGLtLdTloGU/lQ7yG7ksCtKt01nShOjT377Am qsm34df++xAJL7jaBgQxOWBobJWLwc7TQUfbLP/KLZH6m+DDhS4tqwEeeVQoTsLV sdaLgmBPQoL+4K5XyFent0LgE6BgiiXodDhoDlDKntvbZmLacVoeLVZUSwdxTHGe 3OFvAPShGyZGQbO1GsLELtqnQZ0Syq06rRIMUyoQ+5JEwrNAafjzmV/KNJty4dvZ gTywLct+zaMb/JueZRh8W0WY7ZtPL7Ks0NyQMn0ryGTwoX/piAbXg/y/VcGlSI9d 71VGWDc4Ec5Ch08W2Fe/AOhntUxU8RIoI2b08mPk6v23Xru8R9pl2h+sJJdHRe20 aprKOoaloxt0vF+nrDUiUOp5leGdaCdGV3eqiZFu/tZfGQERWyAzlEnmYgupKiQi r8qVa9sw0Kc40uhX+bkJkzsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13842663495058774872875476708870828017 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Auckland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Icebreaker Holdings' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.icebreaker.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 653737660825224020343246850129071155750906404220814735067861456311740110695640074715150842765505703245988272453711829977984571016666552525524878533319241260247426095966214931876425343771241958970612847541893832443749426075270740511348820375765046929615876669254230008076352298085845472344858289430646786704641805719292147957310114514463397160900727040200381138455033881841550818604229240579092825922390841552702051601763861626939026841774222915984793194267618826849553617175714033301279832703965726303354857976813378589081106924977875681812719864792163578812506289427775121733189814274757336967992661762390221684323507798728626755316348721078846201963537995545852703743365735218372135738113227875738117391729123974620997320553197005547048316579549535471386586175066765736870689682879535313092242726141891516901861618001397716853566028499563056051202678748471798678718123339193385918029693348620897443811542881822399781295853852190598450054877345972524542975040178182831475256027126207093463519586067176029907434499091391953998254911542125078039687852153118658232569526479937697637739107072739605696412410123807755333448722279849248801170269627342179204915635526248979845041951813125887713337086622019559059402160889665788505414538043 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 26df6c1bb5d03b251684153df76428db1279f0c9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.icebreaker.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.icebreaker.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icebreaker.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f03af2757000004030046304402202b86469f28fa464101d4292d57bfd9772f19a678decf0bf419f8edbf13e26b7a022037161fae7f8d90cdb6e2d643f9ea46d7c945d3cfa4247ca7b952cc4c2e34b0740076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f03af27910000040300473045022100efdc759b324ed809c8190d9f050ac5256aa94adca8e0b8c8479f51f53af8f7780220626dc57c91321868153bbef4c85b1f13d2968ad1b0564906a3bdb7d8dd5267e7007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f03af27aa0000040300483046022100cf2b5471c09db3f858c53c7f540e1942097cf41ef4c22bfdded19f9453371690022100e0ed116eeea4b383e19fc76fff28e4468f309eb8f531ba7906f4e01db3237cda . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007ca2db7a438e54975dd5b9a7bb21502b2a97cb0aec212fca65ddce4391c3ac1089eb5f9dca8f4db3c61f372b9dffbdb1cdad3700fd3d2cb4c5822d7610e9fe1110dc3296214c705b632a0646bbfbcb5b3f4bcf1401a59f8f9536c1300408ab188bcd028dc8e65993834fefb746f2ae2292e7a0e0da4a9cb2cd88a9dcfcc29b6f8ded5a627b05af78d94f84a80e392a6a9eaa5783d5c860b8613120346015df00fa4475c392fdef754cac74c20d7e236f0b7cb5f51b1fe6b4bd1ca682a5ac330d9f5bfdc02fbd4dccc3d72892f99b65d4cf8f1748a230af0f31aa7d4c33e804ad8a6565b44467768b5ba1fb05f9e20d76c5fe7442b55f4d39c2e4a9f98d293dbf