gitlab.sysman.corp.hmrc.gov.uk

- HM Revenue and Customs -

Issued by DigiCert SHA2 Extended Validation Server CA

About this certificate

This digital certificate with serial number 02:f1:49:4e:01:18:a3:4e:0f:89:a6:1f:48:b3:1d:28 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

HM Revenue and Customs

Company registration number: Government Entity
Organization: HM Revenue and Customs
Organization unit: DTA
Locality: Salford
Country: GB

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:f1:49:4e:01:18:a3:4e:0f:89:a6:1f:48:b3:1d:28
Serial Number (int): 3911286330513738304037194487779499304
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: a4:4f:98:c0:f0:62:d5:b4:ef:4c:02:43:b8:64:4f:7a:37:8b:87:89
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f

Fingerprint (sha1): 50:0c:2e:15:53:0f:7e:31:8f:4a:5c:a4:a7:e0:16:e3:29:f1:dc:54
Fingerprint (sha256): 48:4c:f4:cd:78:86:4c:b8:8b:2b:10:f7:4d:66:ac:d8:8e:65:84:fe:4d:ef:c3:62:bc:dd:d3:f2:a1:83:ff:ee

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl

Check the revocation status for certificate gitlab.sysman.corp.hmrc.gov.uk

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gitlab.sysman.corp.hmrc.gov.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gitlab.sysman.corp.hmrc.gov.uk

Other certificates including the domain name hmrc.gov.uk

(limited to 100 certificates)
developer.service.hmrc.gov.uk
esi2calculator.hmrc.gov.uk
ira74832.hmrc.gov.uk
sourcing.hmrc.gov.uk
www.tpvs.hmrc.gov.uk
sdes-ftp.hmrc.gov.uk
*.ws.clone.hmrc.gov.uk
ibt.cmec.hmrc.gov.uk
online.hmrc.gov.uk
directgov-customs.hmrc.gov.uk
online.hmrc.gov.uk
*.ws.ibt.hmrc.gov.uk
T2VDL.CORP.hmrc.gov.uk
ecw.hmrc.gov.uk
sdes-ftp.hmrc.gov.uk
patch.prod.cdg.corp.hmrc.gov.uk
crest.hmrc.gov.uk
gitlab.sysman.corp.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
public-online.hmrc.gov.uk
directgov-paye.online.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
api.service.hmrc.gov.uk
www.tpvs.hmrc.gov.uk
st.online.hmrc.gov.uk
*.hmrc.gov.uk
paye.online.hmrc.gov.uk
ibt.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
sdes-ftp.hmrc.gov.uk
sap-pi.preprod.hmrc.gov.uk
cmec.ws.hmrc.gov.uk
ibt.hmrc.gov.uk
online.hmrc.gov.uk
*.dev.cloudcentre.corp.hmrc.gov.uk
www.acumen.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
online.hmrc.gov.uk
www.acumen.hmrc.gov.uk
businesslink-customs.hmrc.gov.uk
*.cloudcenter.corp.hmrc.gov.uk
online.hmrc.gov.uk
pensionschemes.hmrc.gov.uk
aeoi.apps.hmrc.gov.uk
companieshouse-online.hmrc.gov.uk
rti-l-proxy1.hmrc.gov.uk
*.sysman.corp.hmrc.gov.uk
CloudGate.hmrc.gov.uk
ibt.hmrc.gov.uk
patch.test.cdg.corp.hmrc.gov.uk
patch.staging.cdg.corp.hmrc.gov.uk
online.hmrc.gov.uk
ibt.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
online.hmrc.gov.uk
subscriptions.hmrc.gov.uk
ibt.hmrc.gov.uk
patch.prod.cdg.corp.hmrc.gov.uk
cgec.hmrc.gov.uk
OSMonitor.sysman.corp.hmrc.gov.uk
disclosures.hmrc.gov.uk
www.acumen.hmrc.gov.uk
*.cloudcenter.corp.hmrc.gov.uk
online.hmrc.gov.uk
aka.hmrc.gov.uk
public-online.hmrc.gov.uk
online.hmrc.gov.uk
tfc-client-dwp.test.hmrc.gov.uk
slc.ws.hmrc.gov.uk
online.hmrc.gov.uk
slc.ws.hmrc.gov.uk
online.hmrc.gov.uk
online.hmrc.gov.uk
esi2calculator.hmrc.gov.uk
online.hmrc.gov.uk
fs.hmrc.gov.uk
pensionschemes.hmrc.gov.uk
community-origin.hmrc.gov.uk
businesslink-paye.online.hmrc.gov.uk
cbs-browser.cbs.ns1p.corp.hmrc.gov.uk
bts.ibt.hmrc.gov.uk
ira74836.hmrc.gov.uk
businesslink-cis.online.hmrc.gov.uk
tfc.hmrc.gov.uk
online.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
*.alm.corp.hmrc.gov.uk
cname-hmrc-gov-uk.production.tax.service.gov.uk
online.hmrc.gov.uk
*.ws.ibt.hmrc.gov.uk
test-api.service.hmrc.gov.uk
cname-hmrc-gov-uk.production.tax.service.gov.uk
ira74832.hmrc.gov.uk
ndo.hmrc.gov.uk
mailgate.hmrc.gov.uk
online.hmrc.gov.uk
fraudinvestigationjobs.hmrc.gov.uk
online.hmrc.gov.uk
companieshouse-online.hmrc.gov.uk
businesslink-paye.online.hmrc.gov.uk

Certificate

The complete raw certificate details for gitlab.sysman.corp.hmrc.gov.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgIQAvFJTgEYo04PiaYfSLMdKDANBgkqhkiG9w0BAQsFADB1
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDMyMzAwMDAwMFoXDTIyMDQwMzEy
MDAwMFowgcQxGjAYBgNVBA8MEUdvdmVybm1lbnQgRW50aXR5MRMwEQYLKwYBBAGC
NzwCAQMTAkdCMRowGAYDVQQFExFHb3Zlcm5tZW50IEVudGl0eTELMAkGA1UEBhMC
R0IxEDAOBgNVBAcTB1NhbGZvcmQxHzAdBgNVBAoTFkhNIFJldmVudWUgYW5kIEN1
c3RvbXMxDDAKBgNVBAsTA0RUQTEnMCUGA1UEAxMeZ2l0bGFiLnN5c21hbi5jb3Jw
LmhtcmMuZ292LnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XlU
fLdmMAtRdln0bVC68TRlpUgq5F3qCRLxamTSKsD9QZjVsfwqqX8zAGtcUcGRRnfq
PrFAS1dy6WCKxMz9tImx+lh8Dyc/AaHr0+wUddEcBhl5E4Bitxnrkcirn+m/PO0Z
NSypL9EWDm7ZX64af3H5BkrddcW3DuqhE4yBWyPsB/LCeyMEGCZpEtm3ZGGqE0we
qTbqRDe4kzeLK5KYmYVjDzaZ1wf3SAybsi7sp+HF2PZYKRgJsBqAAKB0I679rYnR
im/TwlwxI3akU+Y25bYbFv+6cb2m+S1F6R9ILhLQrAlAQxZXPmKUc2ZpF+IgP5iJ
QMhehrAMHAzkuYg2FwIDAQABo4ICDTCCAgkwHwYDVR0jBBgwFoAUPdNQpdagre7z
SmAKZdMh1Pj41g8wHQYDVR0OBBYEFKRPmMDwYtW070wCQ7hkT3o3i4eJMCkGA1Ud
EQQiMCCCHmdpdGxhYi5zeXNtYW4uY29ycC5obXJjLmdvdi51azAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGww
NKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1n
Mi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNl
cnZlci1nMi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcC
ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYB
BQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
UgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
dFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADAT
BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlYViAIpGB//T
7Pw8m0WZdl/ijv0kjaifeqE/zR4JZpyDjxnknw2ANhDqGj4rW4fTOpmQsWO9qUHx
N4Wa3qKnZ7+4KnPuBix54oXvJtIWPcPo0c7pZbGz2KRmiy2bjV9IzQ61nmmD4nKZ
v+qQB8W2kJ6ct66FBdYiYCGDw5N2E38bDeDuKWjIFL1Kh0zTCg7YmnjE8hZSPcOE
toHkDPqn2M580jnliSa46xQfNqUyoX4IDV6jnQChwHCa0DppnfYugpWPCVm1Kpzt
/vN8hq5Q63HDzOkBHb5QaWnqdTpFKz+gzBN3+my8GTGWf9Dl66E+qI3qWfCoSYyn
c3k1r1r1jw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XlUfLdmMAtRdln0bVC6
8TRlpUgq5F3qCRLxamTSKsD9QZjVsfwqqX8zAGtcUcGRRnfqPrFAS1dy6WCKxMz9
tImx+lh8Dyc/AaHr0+wUddEcBhl5E4Bitxnrkcirn+m/PO0ZNSypL9EWDm7ZX64a
f3H5BkrddcW3DuqhE4yBWyPsB/LCeyMEGCZpEtm3ZGGqE0weqTbqRDe4kzeLK5KY
mYVjDzaZ1wf3SAybsi7sp+HF2PZYKRgJsBqAAKB0I679rYnRim/TwlwxI3akU+Y2
5bYbFv+6cb2m+S1F6R9ILhLQrAlAQxZXPmKUc2ZpF+IgP5iJQMhehrAMHAzkuYg2
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3911286330513738304037194487779499304
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-03 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HM Revenue and Customs'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DTA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gitlab.sysman.corp.hmrc.gov.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28968401903941844660178838534724200490399071648619648719880119211818062545762753692277543113414733646063487829001556977673017371204755565901390495924652921564157562974101237399837893323081760002786705501594280775714030943559124194164932941149420183510346899300451853719247086026926067566193479604624210025580964775641171949368383394715927642204420333403120173265127989155172416110366305751857995895325426889737583355092556079769218368390262982089432540281915594620584852737654513140624225929097371084541808582237963198542056565466497577329604720626475810033194057156108352085025889614364251409318782274944788884633111
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a44f98c0f062d5b4ef4c0243b8644f7a378b8789
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gitlab.sysman.corp.hmrc.gov.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00958562008a4607ffd3ecfc3c9b4599765fe28efd248da89f7aa13fcd1e09669c838f19e49f0d803610ea1a3e2b5b87d33a9990b163bda941f137859adea2a767bfb82a73ee062c79e285ef26d2163dc3e8d1cee965b1b3d8a4668b2d9b8d5f48cd0eb59e6983e27299bfea9007c5b6909e9cb7ae8505d622602183c39376137f1b0de0ee2968c814bd4a874cd30a0ed89a78c4f216523dc384b681e40cfaa7d8ce7cd239e58926b8eb141f36a532a17e080d5ea39d00a1c0709ad03a699df62e82958f0959b52a9cedfef37c86ae50eb71c3cce9011dbe506969ea753a452b3fa0cc1377fa6cbc1931967fd0e5eba13ea88dea59f0a8498ca7737935af5af58f