*.mtamail.org

Issued by DigiCert High Assurance CA-3

About this certificate


This digital certificate with serial number 0d:91:83:c3:ef:8c:86:3c:33:00:ba:ce:18:da:1d:aa was issued on by DigiCert Inc .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

New York City Transit Authority

Organization: New York City Transit Authority
State / Province: New York
Locality: Brooklyn
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
State / Province: New York
Locality: Brooklyn
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:91:83:c3:ef:8c:86:3c:33:00:ba:ce:18:da:1d:aa
Serial Number (int): 18035519508978025873893792737360747946
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: d7:ae:0e:5c:93:82:aa:08:e5:e0:d6:f2:6c:72:b1:58:d3:2f:84:43
AuthorityKeyId: 50:ea:73:89:db:29:fb:10:8f:9e:e5:01:20:d4:de:79:99:48:83:f7

Fingerprint (sha1): 9f:ed:ae:b1:bb:f7:2e:3b:f7:50:c0:3f:8c:97:2c:3b:48:8d:f8:a4
Fingerprint (sha256): e0:39:0d:15:37:4c:b0:e8:10:d2:29:c0:8d:b5:94:3b:65:85:32:9e:27:98:94:0c:5a:4e:6c:48:c0:2d:48:38

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertHighAssuranceCA-3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ca3-g26.crl
CRL Distribution Point: http://crl4.digicert.com/ca3-g26.crl

Check the revocation status for the current certificate on *.mtamail.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.mtamail.org
mtamail.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGtzCCBZ+gAwIBAgIQDZGDw++MhjwzALrOGNodqjANBgkqhkiG9w0BAQUFADBm MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSUwIwYDVQQDExxEaWdpQ2VydCBIaWdoIEFzc3VyYW5j ZSBDQS0zMB4XDTEzMTAwMjAwMDAwMFoXDTE2MTIyMjEyMDAwMFowdTELMAkGA1UE BhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQHEwhCcm9va2x5bjEoMCYG A1UEChMfTmV3IFlvcmsgQ2l0eSBUcmFuc2l0IEF1dGhvcml0eTEWMBQGA1UEAwwN Ki5tdGFtYWlsLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOD6 OGfjmKKG7SplKn6aWIY87p++ziihQXp45bhoKj4rDTmGkevgJrdNMDLjL8GzGivd us09dsTSTz3E14Q5+09DQqlgoz1xVTRf/DB652dEV0mrnvfWj4puxoR+Ev1DFtmQ mG0LlUO17tEMP07HWLUKexsYDJ1e9fpLYT6shUs77YaZ5h1PL/Mt3e11EZCueooU Et7LinSR4XmI2+/EyesMDGPZ3XCokpj3f0bDmr3e69s4WVgikuvBNwFm49yExxw1 Uwq+mEKXDsob8fPYQGrOs0tT1v1aSsIsKB0RQqW0qHtBDTbJyJ3KK1ItZ1PbJLw5 Yy7CEjMYZbWOAkuKvE8CAwEAAaOCA1AwggNMMB8GA1UdIwQYMBaAFFDqc4nbKfsQ j57lASDU3nmZSIP3MB0GA1UdDgQWBBTXrg5ck4KqCOXg1vJscrFY0y+EQzAlBgNV HREEHjAcgg0qLm10YW1haWwub3JnggttdGFtYWlsLm9yZzAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGEGA1UdHwRaMFgwKqAo oCaGJGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9jYTMtZzI2LmNybDAqoCigJoYk aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL2NhMy1nMjYuY3JsMIIBxAYDVR0gBIIB uzCCAbcwggGzBglghkgBhv1sAQEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3 LmRpZ2ljZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUH AgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQBy AHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBj AGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAg AEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQ AGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBt AGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBj AG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBl AHIAZQBuAGMAZQAuMHsGCCsGAQUFBwEBBG8wbTAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AuZGlnaWNlcnQuY29tMEUGCCsGAQUFBzAChjlodHRwOi8vY2FjZXJ0cy5k aWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlQ0EtMy5jcnQwDAYDVR0T AQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAdsjt442sIUlh9mQcMCZXEROSEYX4 Z8ARtry1Qm57MZnDDcU2ozgiWdpxG4AsjIe/10cXtdlMT2rrtbKaNuy7pusEg0cD w5hUAZwQGIZeFLWMi4fh7hOs5som9Ap5VmdVAOadiBMQZVRqrfF8fxwI6IC2u9zJ AyewZvn4w4iyLvsdICC2t2AL+JqdLYiaRSkP3rbQqUUBJ6L9ZcvPBa268nZVioLl L6tjrXojXkVG1lFP5pqsKJWo0vUzWnDWD7rA7qn2vOZJBqdKqoBEgXU4tkciOpTz 1wpTxv/PV63ARiaoMfWsL1d+Lpn43HgEhtfcR3SiY4WAwYs6kk0L6H3JyQ== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Po4Z+OYoobtKmUqfppY hjzun77OKKFBenjluGgqPisNOYaR6+Amt00wMuMvwbMaK926zT12xNJPPcTXhDn7 T0NCqWCjPXFVNF/8MHrnZ0RXSaue99aPim7GhH4S/UMW2ZCYbQuVQ7Xu0Qw/TsdY tQp7GxgMnV71+kthPqyFSzvthpnmHU8v8y3d7XURkK56ihQS3suKdJHheYjb78TJ 6wwMY9ndcKiSmPd/RsOavd7r2zhZWCKS68E3AWbj3ITHHDVTCr6YQpcOyhvx89hA as6zS1PW/VpKwiwoHRFCpbSoe0ENNsnIncorUi1nU9skvDljLsISMxhltY4CS4q8 TwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18035519508978025873893792737360747946 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert High Assurance CA-3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-10-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-22 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brooklyn' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York City Transit Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.mtamail.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28400768558437546754033643309467122562241209639232142981680049681175568201370939357400524844734968386950822845482410437876714474006255602637148042755891919187542885866963750711591148415912674733353335852161298480240061628159650223190458964807926439457520839009433572239532968605360745631743552754558392746178002170437974612976452457840263487559342775289243807149702771731151532185706328628103907930189886959620398821358701200626397718334392088754871627752190464309795261556559348341695515419758586987310212523482044371625849867946721954043131123702354181345406358463237636472149911438526692380419858051539394053717071 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 50ea7389db29fb108f9ee50120d4de79994883f7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d7ae0e5c9382aa08e5e0d6f26c72b158d32f8443 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mtamail.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtamail.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ca3-g26.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ca3-g26.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (443 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/ssl-cps-repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:30|false] BMPString [0 65 0 110 0 121 0 32 0 117 0 115 0 101 0 32 0 111 0 102 0 32 0 116 0 104 0 105 0 115 0 32 0 67 0 101 0 114 0 116 0 105 0 102 0 105 0 99 0 97 0 116 0 101 0 32 0 99 0 111 0 110 0 115 0 116 0 105 0 116 0 117 0 116 0 101 0 115 0 32 0 97 0 99 0 99 0 101 0 112 0 116 0 97 0 110 0 99 0 101 0 32 0 111 0 102 0 32 0 116 0 104 0 101 0 32 0 68 0 105 0 103 0 105 0 67 0 101 0 114 0 116 0 32 0 67 0 80 0 47 0 67 0 80 0 83 0 32 0 97 0 110 0 100 0 32 0 116 0 104 0 101 0 32 0 82 0 101 0 108 0 121 0 105 0 110 0 103 0 32 0 80 0 97 0 114 0 116 0 121 0 32 0 65 0 103 0 114 0 101 0 101 0 109 0 101 0 110 0 116 0 32 0 119 0 104 0 105 0 99 0 104 0 32 0 108 0 105 0 109 0 105 0 116 0 32 0 108 0 105 0 97 0 98 0 105 0 108 0 105 0 116 0 121 0 32 0 97 0 110 0 100 0 32 0 97 0 114 0 101 0 32 0 105 0 110 0 99 0 111 0 114 0 112 0 111 0 114 0 97 0 116 0 101 0 100 0 32 0 104 0 101 0 114 0 101 0 105 0 110 0 32 0 98 0 121 0 32 0 114 0 101 0 102 0 101 0 114 0 101 0 110 0 99 0 101 0 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (111 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertHighAssuranceCA-3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0076c8ede38dac214961f6641c3026571113921185f867c011b6bcb5426e7b3199c30dc536a3382259da711b802c8c87bfd74717b5d94c4f6aebb5b29a36ecbba6eb04834703c39854019c1018865e14b58c8b87e1ee13ace6ca26f40a7956675500e69d88131065546aadf17c7f1c08e880b6bbdcc90327b066f9f8c388b22efb1d2020b6b7600bf89a9d2d889a45290fdeb6d0a9450127a2fd65cbcf05adbaf276558a82e52fab63ad7a235e4546d6514fe69aac2895a8d2f5335a70d60fbac0eea9f6bce64906a74aaa8044817538b647223a94f3d70a53c6ffcf57adc04626a831f5ac2f577e2e99f8dc780486d7dc4774a2638580c18b3a924d0be87dc9c9