l.ssl.shopify.com

- Shopify Inc. -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 07:1c:57:59:be:d6:1f:c0:66:71:ab:19:d5:6c:eb:dc was issued on by DigiCert Inc.

With 84 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Shopify Inc.

Organization: Shopify Inc.
State / Province: Ontario
Locality: Ottawa
Country: CA

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:1c:57:59:be:d6:1f:c0:66:71:ab:19:d5:6c:eb:dc
Serial Number (int): 9451751962536379682749226759465266140
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 72:4c:bf:b4:dd:8a:6b:13:6b:2b:26:36:2c:13:f6:f2:2c:bc:9c:91
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): c6:34:04:ae:b8:26:82:45:1b:3e:87:19:de:08:6e:e7:fc:00:47:fb
Fingerprint (sha256): 4f:b3:52:26:8b:f3:79:88:9c:4c:07:87:44:e0:e3:90:94:f0:9d:cc:5e:f4:94:91:61:05:d9:36:01:6a:d6:26

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl

Check the revocation status for certificate l.ssl.shopify.com

84

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for l.ssl.shopify.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

l.ssl.shopify.com
www.dabadovaporizers.com
www.sweethoneyclothing.com
www.inchbug.com
www.kellyskids.com
www.eleanorrose.com
shop.toromontpowersystems.com
www.cutratebatteries.com
www.unitedworldsoccer.com
www.hatchbaby.com
shop.oreo.com
www.sartoriale.com
www.cutencountry.com
www.olivethesenses.com
www.poeticlicenceshoes.com
www.shophopes.com
www.popflexactive.com
www.wearfigs.com
www.tascperformance.com
www.octalinstruments.com
www.gnappies.com
www.leesa.ca
www.shopflw.com
www.stayswagged.com
www.frecklebox.com
www.shophorne.com
www.rnareset.com
www.blanqi.com
www.hallmarkhomeandgifts.com
shop.starry.com
www.iodogs.com
shop.collectiondesign.co.il
store.handibot.com
shop.reset360.com
www.fringesport.com
www.fright-rags.com
www.bottlekeeper.com
store.thetemperancemovement.com
www.jnco.com
www.culturekings.com.au
shop.nodalninja.com
www.thewrld.com
www.nbthievesstore.com
www.klosetenvy.com
www.midoribikinis.com
www.ittybittytoes.com
www.atthedriveinofficialmerch.com
www.rugpadusa.com
www.firsttactical.com
store.embertech.com
www.drvita.com
www.bellalunatoys.com
www.getkeysmart.com
www.systemthree.com
www.kieljamespatrick.com
preorder.hellotwist.com
www.tombihn.com
store.simpleenergy.com
www.brighterwhite.com.au
www.hoverboardstop.com
shop.historynet.com
shop.askingalexandria.com
store.penny-arcade.com
www.sarahandsebastian.com
www.cambuy.com.au
wholesale.palaceskateboards.com
www.olympushealth.com
www.somus.com
www.annahariri.ae
www.featuresneakerboutique.com
www.smallwoodhome.com
www.potsplantersandmore.com
us.sarahandsebastian.com
www.singerdirect.co.uk
nycrush.dsg.com
chicagorush.dsg.com
shop.budlight.com
www.crapeyewear.com
www.summerskates.ca
www.summerskates.com
www.hobbysew.co.uk
www.trayvax.com
www.britishsewingcentre.co.uk
www.cenhubstore.com

Other certificates including the domain name shopify.com

(limited to 100 certificates)
f4.shared.global.fastly.net
zh.shopify.com
ingress-imagery-us-central1-2.shopifycloud.com
statuspage.io
themes.shopify.com
l.ssl.shopify.com
merchandise.shopify.com
events.shopify.com
press.shopify.com
statuspage.io
dns-vetting1-jeffg-noah.map.fastly.net
statuspage.io
shopify-app-store.shopifycloud.com
o.ssl.shopify.com
statuspage.io
brochure2-staging12.shopifycloud.com
plusinfo.shopify.com
status.3dcart.com
savage-sign-on.shopifycloud.com
accounts.shopify.com
investor.shopify.com
meetups.shopify.com
shopify.com
linkpop.com
chat.shopify.com
commerceplus.shopify.com
marketplace.shopify.com
next.shopify.com
shopify-classifieds.shopifycloud.com
ir.shopify.com
ssl.shopify.com
marketplace.shopify.com
store.shopify.com
secure03.lithium.com
dev.shopify.com
somethingorother.shopify.com
commerceplus.shopify.com
pins.shopify.com
statuspage.io
ssl.cdngc.net
sourcing-admin.shopify.com
cardreader.shopify.com
www.shopify.com
www.shopify.com
secure03.stage.lithium.com
p.ssl.shopify.com
pointofsale.shopify.com
bourgeois.shopifycloud.com
unicorn.shopify.com
upcoming12.shopify.com
sl.shopify.com
tashboard.shopify.com
growthcenter.shopify.com
secure03.stage.lithium.com
statuspage.io
*.b.ssl.fastly.net
gtm.shopify.com
secure03.lithium.com
statuspage.io
analytics.shopify.com
collabs.shopify.com
unite-registration.shopify.com
photos.shopify.com
data-portal.shopifycloud.com
merch.shopify.com
plusacademy.shopify.com
www.shopify.com
shopify-plus-meet-up.shopify.com
collabs.shopify.com
statuspage.io
privacy.shopify.com
r.ssl.fastly.net
counter.shopify.com
shopify-app-store.shopifycloud.com
statuspage.io
statuspage.io
b.ssl.shopify.com
statuspage.io
shopify-app-store-staging.shopifycloud.com
sfn.shopify.com
growthcenter.shopify.com
bcs.shopify.com
statuspage.io
smiley-staging.shopify.com
secure03.lithium.com
statuspage.io
hardware.shopify.com
upcoming-pizx.shopify.com
shopify-classifieds.shopifycloud.com
ny.shopify.com
pursuit.shopify.com
cardreader-giveaway.shopifycloud.com
auth.data.shopify.com
hardware.shopify.com
statuspage.io
ssl.shopify.com
events.shopify.com
unite.shopify.com
linkpop.shopify.com
upcoming9.shopify.com

Certificate

The complete raw certificate details for l.ssl.shopify.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMhTCCC22gAwIBAgIQBxxXWb7WH8BmcasZ1Wzr3DANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNjAxMDUwMDAwMDBaFw0xNzAxMDkxMjAwMDBa
MGMxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRh
d2ExFTATBgNVBAoTDFNob3BpZnkgSW5jLjEaMBgGA1UEAxMRbC5zc2wuc2hvcGlm
eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTk71GJN/NmBMl
NhKSE7BcKIjMBznNXjlEUwu75Bn9Rr1NeiG19y7oX9HKK8+YMiIX6sf0Ox/2GG/3
7K14mUVvZGoTESBgowC5G3UV9HAnpKuCJQdNHMr/pKwAsHm1cVK3UvKXAc6DO+RM
/PQv3sEE6GHLLdjdzevv7C1ay1SoR7yK0CZZ9/FLD+mujBAxVT1X2mWFrMjTYILa
lDdc6ZG7hWcmimK98+ZiospQadY4MSiLcLhF3ZisA4AwJt0sJl+jqjUiyskgdRFI
GarhukuIdOz1upLA/iaFQIlgnlOzYVIqAeua5i0XM4Ou67LTG/I/XYizC382O43Q
1eoNePNxAgMBAAGjggkmMIIJIjAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqIS
uFlyOzAdBgNVHQ4EFgQUcky/tN2KaxNrKyY2LBP28iy8nJEwggdWBgNVHREEggdN
MIIHSYIRbC5zc2wuc2hvcGlmeS5jb22CGHd3dy5kYWJhZG92YXBvcml6ZXJzLmNv
bYIad3d3LnN3ZWV0aG9uZXljbG90aGluZy5jb22CD3d3dy5pbmNoYnVnLmNvbYIS
d3d3LmtlbGx5c2tpZHMuY29tghN3d3cuZWxlYW5vcnJvc2UuY29tgh1zaG9wLnRv
cm9tb250cG93ZXJzeXN0ZW1zLmNvbYIYd3d3LmN1dHJhdGViYXR0ZXJpZXMuY29t
ghl3d3cudW5pdGVkd29ybGRzb2NjZXIuY29tghF3d3cuaGF0Y2hiYWJ5LmNvbYIN
c2hvcC5vcmVvLmNvbYISd3d3LnNhcnRvcmlhbGUuY29tghR3d3cuY3V0ZW5jb3Vu
dHJ5LmNvbYIWd3d3Lm9saXZldGhlc2Vuc2VzLmNvbYIad3d3LnBvZXRpY2xpY2Vu
Y2VzaG9lcy5jb22CEXd3dy5zaG9waG9wZXMuY29tghV3d3cucG9wZmxleGFjdGl2
ZS5jb22CEHd3dy53ZWFyZmlncy5jb22CF3d3dy50YXNjcGVyZm9ybWFuY2UuY29t
ghh3d3cub2N0YWxpbnN0cnVtZW50cy5jb22CEHd3dy5nbmFwcGllcy5jb22CDHd3
dy5sZWVzYS5jYYIPd3d3LnNob3BmbHcuY29tghN3d3cuc3RheXN3YWdnZWQuY29t
ghJ3d3cuZnJlY2tsZWJveC5jb22CEXd3dy5zaG9waG9ybmUuY29tghB3d3cucm5h
cmVzZXQuY29tgg53d3cuYmxhbnFpLmNvbYIcd3d3LmhhbGxtYXJraG9tZWFuZGdp
ZnRzLmNvbYIPc2hvcC5zdGFycnkuY29tgg53d3cuaW9kb2dzLmNvbYIbc2hvcC5j
b2xsZWN0aW9uZGVzaWduLmNvLmlsghJzdG9yZS5oYW5kaWJvdC5jb22CEXNob3Au
cmVzZXQzNjAuY29tghN3d3cuZnJpbmdlc3BvcnQuY29tghN3d3cuZnJpZ2h0LXJh
Z3MuY29tghR3d3cuYm90dGxla2VlcGVyLmNvbYIfc3RvcmUudGhldGVtcGVyYW5j
ZW1vdmVtZW50LmNvbYIMd3d3LmpuY28uY29tghd3d3cuY3VsdHVyZWtpbmdzLmNv
bS5hdYITc2hvcC5ub2RhbG5pbmphLmNvbYIPd3d3LnRoZXdybGQuY29tghZ3d3cu
bmJ0aGlldmVzc3RvcmUuY29tghJ3d3cua2xvc2V0ZW52eS5jb22CFXd3dy5taWRv
cmliaWtpbmlzLmNvbYIVd3d3Lml0dHliaXR0eXRvZXMuY29tgiF3d3cuYXR0aGVk
cml2ZWlub2ZmaWNpYWxtZXJjaC5jb22CEXd3dy5ydWdwYWR1c2EuY29tghV3d3cu
Zmlyc3R0YWN0aWNhbC5jb22CE3N0b3JlLmVtYmVydGVjaC5jb22CDnd3dy5kcnZp
dGEuY29tghV3d3cuYmVsbGFsdW5hdG95cy5jb22CE3d3dy5nZXRrZXlzbWFydC5j
b22CE3d3dy5zeXN0ZW10aHJlZS5jb22CGHd3dy5raWVsamFtZXNwYXRyaWNrLmNv
bYIXcHJlb3JkZXIuaGVsbG90d2lzdC5jb22CD3d3dy50b21iaWhuLmNvbYIWc3Rv
cmUuc2ltcGxlZW5lcmd5LmNvbYIYd3d3LmJyaWdodGVyd2hpdGUuY29tLmF1ghZ3
d3cuaG92ZXJib2FyZHN0b3AuY29tghNzaG9wLmhpc3RvcnluZXQuY29tghlzaG9w
LmFza2luZ2FsZXhhbmRyaWEuY29tghZzdG9yZS5wZW5ueS1hcmNhZGUuY29tghl3
d3cuc2FyYWhhbmRzZWJhc3RpYW4uY29tghF3d3cuY2FtYnV5LmNvbS5hdYIfd2hv
bGVzYWxlLnBhbGFjZXNrYXRlYm9hcmRzLmNvbYIVd3d3Lm9seW1wdXNoZWFsdGgu
Y29tgg13d3cuc29tdXMuY29tghF3d3cuYW5uYWhhcmlyaS5hZYIed3d3LmZlYXR1
cmVzbmVha2VyYm91dGlxdWUuY29tghV3d3cuc21hbGx3b29kaG9tZS5jb22CG3d3
dy5wb3RzcGxhbnRlcnNhbmRtb3JlLmNvbYIYdXMuc2FyYWhhbmRzZWJhc3RpYW4u
Y29tghZ3d3cuc2luZ2VyZGlyZWN0LmNvLnVrgg9ueWNydXNoLmRzZy5jb22CE2No
aWNhZ29ydXNoLmRzZy5jb22CEXNob3AuYnVkbGlnaHQuY29tghN3d3cuY3JhcGV5
ZXdlYXIuY29tghN3d3cuc3VtbWVyc2thdGVzLmNhghR3d3cuc3VtbWVyc2thdGVz
LmNvbYISd3d3LmhvYmJ5c2V3LmNvLnVrgg93d3cudHJheXZheC5jb22CHXd3dy5i
cml0aXNoc2V3aW5nY2VudHJlLmNvLnVrghN3d3cuY2VuaHVic3RvcmUuY29tMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYD
VR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEt
c2VydmVyLWc1LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3No
YTItaGEtc2VydmVyLWc1LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgG
CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAEC
AjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
bS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB
/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAJRFrDiJGFuau2CvVnstNo6L+RotdwRn
FeKJPqmE/ywgtoGx85d00IYg+s5a3IPCQAu7Wjl/S1iGixjGbKlt/gCSuxpkS3c5
Mz1gh2N5svAM4gEvtYQ03uKUcJVKltZrvNzl9ilSqiV0DM2z83YYHCQJU7BVfoaU
Dr9AfXfhx7Mqc4Oj6G1/uVPTmpZeAhqLhjpLP+HesIhZUj0C9VhnHWhb9xthvNLH
5Zvt3z82/9q+eJwKlwUbz/JrcDyzKWMEmz2ZRodzvff46WppurDvJeOXvKXDGLCV
Z5hKSYZaD2OX1yWQXILLyhtlbGerlHuhY9trEYiSkqKaVdu8V8+AD4o=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05O9RiTfzZgTJTYSkhOw
XCiIzAc5zV45RFMLu+QZ/Ua9TXohtfcu6F/RyivPmDIiF+rH9Dsf9hhv9+yteJlF
b2RqExEgYKMAuRt1FfRwJ6SrgiUHTRzK/6SsALB5tXFSt1LylwHOgzvkTPz0L97B
BOhhyy3Y3c3r7+wtWstUqEe8itAmWffxSw/prowQMVU9V9plhazI02CC2pQ3XOmR
u4VnJopivfPmYqLKUGnWODEoi3C4Rd2YrAOAMCbdLCZfo6o1IsrJIHURSBmq4bpL
iHTs9bqSwP4mhUCJYJ5Ts2FSKgHrmuYtFzODruuy0xvyP12Iswt/NjuN0NXqDXjz
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9451751962536379682749226759465266140
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-09 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shopify Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'l.ssl.shopify.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26709135337362242757406102306804226609592965857312380405264249736259912501015184004766539650942609533145812856544108495739304827342199756905210770649491227204154196422396164837456177971170575539199215033177241153837938263022785248219860116234194402180316362048038058391904769124191091102980412263698744767703281820089783542768748064460793891999590276533496564116975189888992629593231649867514046450527148581093980622966943567807602352405079710315548774836563087358455176258058445535927564167070666868984491829992000494649321315151798868532675989056348455378265158784654702738750677439731837042814354915125559358452593
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							724cbfb4dd8a6b136b2b26362c13f6f22cbc9c91
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1869 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'l.ssl.shopify.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dabadovaporizers.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sweethoneyclothing.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.inchbug.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kellyskids.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eleanorrose.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.toromontpowersystems.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cutratebatteries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.unitedworldsoccer.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hatchbaby.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.oreo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sartoriale.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cutencountry.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.olivethesenses.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.poeticlicenceshoes.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shophopes.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.popflexactive.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wearfigs.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tascperformance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.octalinstruments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gnappies.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.leesa.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shopflw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stayswagged.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.frecklebox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shophorne.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rnareset.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blanqi.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hallmarkhomeandgifts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.starry.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iodogs.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.collectiondesign.co.il'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.handibot.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.reset360.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fringesport.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fright-rags.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bottlekeeper.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.thetemperancemovement.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jnco.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.culturekings.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.nodalninja.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thewrld.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nbthievesstore.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.klosetenvy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.midoribikinis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ittybittytoes.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.atthedriveinofficialmerch.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rugpadusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firsttactical.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.embertech.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.drvita.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bellalunatoys.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.getkeysmart.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.systemthree.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kieljamespatrick.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preorder.hellotwist.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tombihn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.simpleenergy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.brighterwhite.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hoverboardstop.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.historynet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.askingalexandria.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.penny-arcade.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sarahandsebastian.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cambuy.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wholesale.palaceskateboards.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.olympushealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.somus.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.annahariri.ae'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.featuresneakerboutique.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.smallwoodhome.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.potsplantersandmore.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.sarahandsebastian.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.singerdirect.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nycrush.dsg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chicagorush.dsg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.budlight.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.crapeyewear.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.summerskates.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.summerskates.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hobbysew.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.trayvax.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.britishsewingcentre.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cenhubstore.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009445ac3889185b9abb60af567b2d368e8bf91a2d77046715e2893ea984ff2c20b681b1f39774d08620face5adc83c2400bbb5a397f4b58868b18c66ca96dfe0092bb1a644b7739333d60876379b2f00ce2012fb58434dee29470954a96d66bbcdce5f62952aa25740ccdb3f376181c240953b0557e86940ebf407d77e1c7b32a7383a3e86d7fb953d39a965e021a8b863a4b3fe1deb08859523d02f558671d685bf71b61bcd2c7e59beddf3f36ffdabe789c0a97051bcff26b703cb32963049b3d99468773bdf7f8e96a69bab0ef25e397bca5c318b09567984a49865a0f6397d725905c82cbca1b656c67ab947ba163db6b11889292a29a55dbbc57cf800f8a