secure.nyserda.ny.gov

Issued by Sectigo RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number ff:68:a4:cc:81:f5:5c:49:60:e9:fd:a8:b4:38:0d:e8 was issued on by Sectigo Limited.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=secure.nyserda.ny.gov,OU=Domain Control Validated+OU=PositiveSSL Multi-Domain

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): ff:68:a4:cc:81:f5:5c:49:60:e9:fd:a8:b4:38:0d:e8
Serial Number (int): 339496480316381510351783599421594799592
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: b1:02:16:ed:9e:c4:80:b5:be:54:b1:c8:51:51:29:6a:61:72:f1:65
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (sha1): 80:0e:4b:86:a9:8b:2f:ef:9b:ab:be:51:54:81:ee:87:b2:46:be:c3
Fingerprint (sha256): 43:8f:a7:7f:44:ea:8a:b7:8f:d8:c9:ff:f5:a2:b7:c8:e1:04:55:68:08:43:4d:9d:5d:3e:49:0f:e3:3c:5e:94

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate secure.nyserda.ny.gov

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.nyserda.ny.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.nyserda.ny.gov
secure.nyserda.org
secureauth01.nyserda.org

Other certificates including the domain name ny.gov

(limited to 100 certificates)
www.tax.ny.gov
*.justicecenter.ny.gov
5638059940904960-fe3.pantheonsite.io
mail.cityofjohnstown.ny.gov
r4a10.osc.ny.gov
*.health.ny.gov
www.ciris.ny.gov
carpepm.almonds.com
5697124062724096-fe2.pantheonsite.io
5767917874446336-fe1.pantheonsite.io
*.hcr.ny.gov
5645914630782976-fe1.pantheonsite.io
5752571553644544-fe2.pantheonsite.io
el.nyserda.ny.gov
cjc.ny.gov
www.rev.ny.gov
5767917874446336-fe1.pantheonsite.io
5638059940904960-fe3.pantheonsite.io
*.health.ny.gov
tracs2.otda.ny.gov
ocra.omh.ny.gov
it.uahs.arizona.edu
learn.apps.loopstart.net
sni.cloudflaressl.com
int.sfs.ny.gov
recovery.dhses.ny.gov
www.tax.ny.gov
www.tax.ny.gov
5638059940904960-fe3.pantheonsite.io
Appcenter1.esd.ny.gov
5202656289095680-fe4.pantheonsite.io
5752571553644544-fe2.pantheonsite.io
*.hcr.ny.gov
www.perb.ny.gov
*.hcr.ny.gov
*.oagtest.ag.ny.gov
qasc.oft.ny.gov
bonds.hcr.ny.gov
*.opwdd.ny.gov
*.health.ny.gov
doccs-ndid.digital-dev.dmv.ny.gov
calendar.sdzsafaripark.org
devwebcloud.health.ny.gov
www.oscar.ny.gov
www.rev.ny.gov
dev.ag.ny.gov
youthworks.ny.gov
steuben911.ny.gov
APPS.OCFS.NY.GOV
recovery.dhses.ny.gov
mhprovider.qa.omh.ny.gov
vhc.wcb.ny.gov
*.dos.ny.gov
banking-business-review.com
climate.ny.gov
cdn-test.battlefields.org
5752571553644544-fe2.pantheonsite.io
WestchesterCDPS.ny.gov
*.omh.ny.gov
GardenCity.ny.gov
citeak.multidevcom.uaf.edu
qa.my.ny.gov
booking.virtualhometour.sg
portwashingtonpd.ny.gov
r5a20.osc.ny.gov
fulton.ny.gov
ertfin.sfs.ny.gov
*.criminaljustice.ny.gov
cortlandcounty.ny.gov
uihp2.labor.ny.gov
5697124062724096-fe2.pantheonsite.io
hcstgbi.osc.ny.gov
applications.labor.ny.gov
www2.dps.ny.gov
DOCCS-Submetering.BMS.ny.gov
chns120.courseresource.yale.edu
my.justicecenter.ny.gov
*.dec.ny.gov
bonds.hcr.ny.gov
*.troopers.ny.gov
5202656289095680-fe4.pantheonsite.io
vpcr-qa.justicecenter.ny.gov
data.ny.gov
ccf.ny.gov
*.ocfs.ny.gov
vhc.wcb.ny.gov
dmna.ny.gov
qa-ldap.ny.gov
pay-92qanyspows.osc.ny.gov
online.ogs.ny.gov
nystateofhealth.ny.gov
5202656289095680-fe4.pantheonsite.io
www7f.tax.ny.gov
labor.ny.gov
allegany.ny.gov
vpn3.dfs.ny.gov
RAVPN.FRG.NY.GOV
qasc.oft.ny.gov
sni.cloudflaressl.com
ihstgi.osc.ny.gov

Certificate

The complete raw certificate details for secure.nyserda.ny.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGqTCCBZGgAwIBAgIRAP9opMyB9VxJYOn9qLQ4DegwDQYJKoZIhvcNAQELBQAw
gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE
AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0xOTAzMjgwMDAwMDBaFw0yMTAzMjcyMzU5NTlaMGYxITAfBgNVBAsTGERv
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEhMB8GA1UECxMYUG9zaXRpdmVTU0wgTXVs
dGktRG9tYWluMR4wHAYDVQQDExVzZWN1cmUubnlzZXJkYS5ueS5nb3YwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh2GOFCPyn/bJ31SL57Jnihgbxf810
Ad+VCM0i5VNhTOH1tH6DAcgpEGeofvSL4X38bajAMoatrh7TzOhEnsORYdX5t1n7
gUrannGHSYPxHNyH4UcfZUUgeyeCdHRTmVmt81mqP+9Tz+KXh+N9DJVWDAFJtm/y
ei+WD8joM3rnj/CPnKQT6pN4R8wO6Ll63pyLjtly2uSt31qFS5jYoySfaSSuo8hH
AbTK1kq+jN6XQ/ZIf8mzEJ8PWVUl6rTEqfJyPqCGvgzxJJjV261x8CBrYKRId2Dg
yCeeWJO1kOdO/XUd6wr0Lm1PJOnGkwQq6xRIT3E0QjmgB5EMlET8AAjbAgMBAAGj
ggMmMIIDIjAfBgNVHSMEGDAWgBSNjF7EVK2K4Xfpm/mbBeG4AY1h4TAdBgNVHQ4E
FgQUsQIW7Z7EgLW+VLHIUVEpamFy8WUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAw
NAYLKwYBBAGyMQECAgcwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNv
bS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEFBQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0
dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQURvbWFpblZhbGlkYXRpb25T
ZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3Rp
Z28uY29tME4GA1UdEQRHMEWCFXNlY3VyZS5ueXNlcmRhLm55LmdvdoISc2VjdXJl
Lm55c2VyZGEub3JnghhzZWN1cmVhdXRoMDEubnlzZXJkYS5vcmcwggF/BgorBgEE
AdZ5AgQCBIIBbwSCAWsBaQB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO
HtGFAAABacXYGeQAAAQDAEcwRQIgP0W4TeW6AhMNT5vf4ZtVVs+LbetEzTPTwHFd
vIItGd4CIQCwwuiGm48eCJsG+NijXR5W3ErhJu2FQ2KgLeFE9SvPFAB2AESUZS6w
7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABacXYGi8AAAQDAEcwRQIhAKUi
ljaOt2U36TbglrO+lqmWD1LqoHazv00UlUb4qhAKAiAJMJ+kzKpKFrK0RDY29IjM
EhkXOkjj1Loayrrxq0ZD3QB3AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2
xw7KAAABacXYGioAAAQDAEgwRgIhAL1iUSb5oGNXzJkccXlb72iswSyaScGehbQr
ocLcYijJAiEA0LSJ8Wd1Ncnmq9Qs2HliqiXeVi5v7S6eGToFFrSgV/swDQYJKoZI
hvcNAQELBQADggEBACjOgodfrXfkJpyjlTnNOtdX2PEfzpevkynlbUR1dahFW9Hk
Hdw17uRPFaulAlkxXng4qsp1qgvnMEcomFsHMtGei6FPMcB71YSg+a1ZF88UqQ2k
cT5UcrLfki+q8Lyj8vVesFZedrfG6AGIcP4d5pxMP7C07ajUmbnLtTJCTr9aZFq+
feiKaNuMe9zPrNda6IN6hdYxy/ZmXyb36IdBG1b7Rf/AQA2KWEtBf8aeze2FOV6z
M9RcHSjGWDwljQA9gekFrc6E+sES56hehvnWdpS+0lJu4QBh2swKelJRYHbNSr12
u5SurlS7jEp+WF76lzBcnud/jdibnn1BIiValR8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodhjhQj8p/2yd9Ui+eyZ
4oYG8X/NdAHflQjNIuVTYUzh9bR+gwHIKRBnqH70i+F9/G2owDKGra4e08zoRJ7D
kWHV+bdZ+4FK2p5xh0mD8Rzch+FHH2VFIHsngnR0U5lZrfNZqj/vU8/il4fjfQyV
VgwBSbZv8novlg/I6DN654/wj5ykE+qTeEfMDui5et6ci47Zctrkrd9ahUuY2KMk
n2kkrqPIRwG0ytZKvozel0P2SH/JsxCfD1lVJeq0xKnycj6ghr4M8SSY1dutcfAg
a2CkSHdg4MgnnliTtZDnTv11HesK9C5tTyTpxpMEKusUSE9xNEI5oAeRDJRE/AAI
2wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 339496480316381510351783599421594799592
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL Multi-Domain'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.nyserda.ny.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20431072368481517093613073500604669254523285487617601618558865747500421887426405377391801350176448390465645320974473875240604159480746582294536540889728518997304808950498259134279990710437876548071075383301464484353713038249654364446262107793896268472083914245139351334710012880303858933518845628926528333019039692592615433581772558330073209578280783654902855484740856048112415717091642489252170992545113807670698648598604575808804119624227346065660227624805946475733071236059272450717772777251456183350438201858500699310393511998505754139677638069699172898462841331498402650773066587215871464676614071172120958732507
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b10216ed9ec480b5be54b1c85151296a6172f165
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.nyserda.ny.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.nyserda.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secureauth01.nyserda.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000169c5d819e4000004030047304502203f45b84de5ba02130d4f9bdfe19b5556cf8b6deb44cd33d3c0715dbc822d19de022100b0c2e8869b8f1e089b06f8d8a35d1e56dc4ae126ed854362a02de144f52bcf140076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a800000169c5d81a2f0000040300473045022100a52296368eb76537e936e096b3be96a9960f52eaa076b3bf4d149546f8aa100a022009309fa4ccaa4a16b2b4443636f488cc1219173a48e3d4ba1acabaf1ab4643dd0077005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca00000169c5d81a2a0000040300483046022100bd625126f9a06357cc991c71795bef68acc12c9a49c19e85b42ba1c2dc6228c9022100d0b489f1677535c9e6abd42cd87962aa25de562e6fed2e9e193a0516b4a057fb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0028ce82875fad77e4269ca39539cd3ad757d8f11fce97af9329e56d447575a8455bd1e41ddc35eee44f15aba50259315e7838aaca75aa0be7304728985b0732d19e8ba14f31c07bd584a0f9ad5917cf14a90da4713e5472b2df922faaf0bca3f2f55eb0565e76b7c6e8018870fe1de69c4c3fb0b4eda8d499b9cbb532424ebf5a645abe7de88a68db8c7bdccfacd75ae8837a85d631cbf6665f26f7e887411b56fb45ffc0400d8a584b417fc69ecded85395eb333d45c1d28c6583c258d003d81e905adce84fac112e7a85e86f9d67694bed2526ee10061dacc0a7a52516076cd4abd76bb94aeae54bb8c4a7e585efa97305c9ee77f8dd89b9e7d4122255a951f