sma.jewels.com
- Signet Group Services US Inc -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number d4:7d:db:95:01:d1:f6:31:aa:a6:18:2f:c0:87:2a:53 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Signet Group Services US Inc
Organization:
Signet Group Services US Inc
State / Province:
Ohio
Country: US
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): d4:7d:db:95:01:d1:f6:31:aa:a6:18:2f:c0:87:2a:53Serial Number (int): 282449825866981745974845145243349101139
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: c8:19:d6:ca:ab:26:e8:92:39:cb:e7:a3:7d:09:a4:9c:84:d3:06:cf
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 2c:65:97:a2:8e:ec:ea:3c:52:d2:ba:ce:53:11:69:38:cf:83:68:22
Fingerprint (sha256): 55:14:20:04:be:ab:46:1d:c8:25:8a:58:4d:19:ac:98:04:b7:2f:e1:18:b5:2c:6b:91:f1:4e:96:43:db:e0:28
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate sma.jewels.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sma.jewels.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sma.jewels.com
www.sma.jewels.com
www.sma.jewels.com
Other certificates including the domain name jewels.com
(limited to 100 certificates)
qlqw10app00.jewels.com
srsprod.jewels.com
imperva.com
skuserviceapi.dev.cloud.jewels.com
rmm.test.cloud.jewels.com
signet-identity-provider-test.jewels.com
plcosatadm01.jewels.com
skuserviceapi.dev.cloud.jewels.com
credithub-test.azusnc-test.jewels.com
workordersapi-dev.jewels.com
skuserviceapi.dev.cloud.jewels.com
sapbpcuxp.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
gp-akr.jewels.com
uluf20app00.jewels.com
skuserviceapi.dev.cloud.jewels.com
sigctbanner.jewels.com
signet-cltin-prod-informatica-alb.cltin.cloud.jewels.com
sapfinance.jewels.com
*.jewels.com
jira.jewels.com
dldf10app00.jewels.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
web01-sigcapdev.jewels.com
archiva.jewels.com
vpn.jewels.com
skuserviceapi.dev.cloud.jewels.com
plpb20app00.jewels.com
guest.jewels.com
PWAKSEPAPP01.jewels.com
credpmtcalc-dev.jewels.com
srsprod.jewels.com
credpmtcalc-dev.jewels.com
cc.stage.cloud.jewels.com
signethierarchyprovider.jewels.com
skuserviceapi.dev.cloud.jewels.com
worswebdev.jewels.com
vhsigdi1ci.sap.jewels.com
dldw10app00.jewels.com
worswebuat.jewels.com
srsvendorportal.jewels.com
perf-creditapis.jewels.com
vhsigdi1ci.sap.jewels.com
signet-identity-provider-prod.jewels.com
data.jewels.com
mypc.jewels.com
*.jewels.com
dev1digitalapi.jewels.com
PWAKSEPAPP01.jewels.com
api4.jewels.com
vhsigdi1ci.sap.jewels.com
xconnect.jewels.com
dwakivrweb01.jewels.com
skuserviceapi.dev.cloud.jewels.com
workordersapi.jewels.com
vpn.jewels.com
ukecomapigreen.jewels.com
vhsigdj1ci.sap.jewels.com
rmm.stage.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
worsweb.jewels.com
uluw20app01.jewels.com
sappouxp.jewels.com
cc.dev.cloud.jewels.com
kay.ercol.test.cloud.jewels.com
uk-alt.ecesb.test.cloud.jewels.com
test.sslvpn.jewels.com
skuserviceapi.dev.cloud.jewels.com
credpmtcalc-prod.jewels.com
sjim-asa-vpn.jewels.com
ecomapigreen.jewels.com
signet-cltin-dev-inform-int-alb.cltin.dev.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
fed01.jewels.com
skuserviceapi.dev.cloud.jewels.com
creditapis.jewels.com
CAR-C1-ISE-1.jewels.com
sigctbanner.jewels.com
pacoclearpass01.jewels.com
credithub-test.azusnc-test.jewels.com
api4dev.zalecorp.com
xconnect.jewels.com
dlde10app00.jewels.com
www.kay.com
posapigateway-perf.jewels.com
dlde10app00.jewels.com
edu-sams-interface.store-ops.cloud.jewels.com
saps4huxp.jewels.com
plpf20app00.jewels.com
sjim-asa-vpn.jewels.com
stage-repair.jewels.com
nexus.dev.cloud.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
credithub-dev.azusnc-test.jewels.com
vpn.jewels.com
sma.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
PWAKRPAAPP01.jewels.com
srsprod.jewels.com
imperva.com
skuserviceapi.dev.cloud.jewels.com
rmm.test.cloud.jewels.com
signet-identity-provider-test.jewels.com
plcosatadm01.jewels.com
skuserviceapi.dev.cloud.jewels.com
credithub-test.azusnc-test.jewels.com
workordersapi-dev.jewels.com
skuserviceapi.dev.cloud.jewels.com
sapbpcuxp.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
gp-akr.jewels.com
uluf20app00.jewels.com
skuserviceapi.dev.cloud.jewels.com
sigctbanner.jewels.com
signet-cltin-prod-informatica-alb.cltin.cloud.jewels.com
sapfinance.jewels.com
*.jewels.com
jira.jewels.com
dldf10app00.jewels.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
web01-sigcapdev.jewels.com
archiva.jewels.com
vpn.jewels.com
skuserviceapi.dev.cloud.jewels.com
plpb20app00.jewels.com
guest.jewels.com
PWAKSEPAPP01.jewels.com
credpmtcalc-dev.jewels.com
srsprod.jewels.com
credpmtcalc-dev.jewels.com
cc.stage.cloud.jewels.com
signethierarchyprovider.jewels.com
skuserviceapi.dev.cloud.jewels.com
worswebdev.jewels.com
vhsigdi1ci.sap.jewels.com
dldw10app00.jewels.com
worswebuat.jewels.com
srsvendorportal.jewels.com
perf-creditapis.jewels.com
vhsigdi1ci.sap.jewels.com
signet-identity-provider-prod.jewels.com
data.jewels.com
mypc.jewels.com
*.jewels.com
dev1digitalapi.jewels.com
PWAKSEPAPP01.jewels.com
api4.jewels.com
vhsigdi1ci.sap.jewels.com
xconnect.jewels.com
dwakivrweb01.jewels.com
skuserviceapi.dev.cloud.jewels.com
workordersapi.jewels.com
vpn.jewels.com
ukecomapigreen.jewels.com
vhsigdj1ci.sap.jewels.com
rmm.stage.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
worsweb.jewels.com
uluw20app01.jewels.com
sappouxp.jewels.com
cc.dev.cloud.jewels.com
kay.ercol.test.cloud.jewels.com
uk-alt.ecesb.test.cloud.jewels.com
test.sslvpn.jewels.com
skuserviceapi.dev.cloud.jewels.com
credpmtcalc-prod.jewels.com
sjim-asa-vpn.jewels.com
ecomapigreen.jewels.com
signet-cltin-dev-inform-int-alb.cltin.dev.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
fed01.jewels.com
skuserviceapi.dev.cloud.jewels.com
creditapis.jewels.com
CAR-C1-ISE-1.jewels.com
sigctbanner.jewels.com
pacoclearpass01.jewels.com
credithub-test.azusnc-test.jewels.com
api4dev.zalecorp.com
xconnect.jewels.com
dlde10app00.jewels.com
www.kay.com
posapigateway-perf.jewels.com
dlde10app00.jewels.com
edu-sams-interface.store-ops.cloud.jewels.com
saps4huxp.jewels.com
plpf20app00.jewels.com
sjim-asa-vpn.jewels.com
stage-repair.jewels.com
nexus.dev.cloud.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
credithub-dev.azusnc-test.jewels.com
vpn.jewels.com
sma.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
PWAKRPAAPP01.jewels.com
Certificate
The complete raw certificate details for sma.jewels.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG4zCCBcugAwIBAgIRANR925UB0fYxqqYYL8CHKlMwDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yNDA2MTAwMDAwMDBaFw0yNTA3MTAyMzU5NTlaMFwxCzAJBgNV BAYTAlVTMQ0wCwYDVQQIEwRPaGlvMSUwIwYDVQQKExxTaWduZXQgR3JvdXAgU2Vy dmljZXMgVVMgSW5jMRcwFQYDVQQDEw5zbWEuamV3ZWxzLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAKeKUWI90ZB1GfsOQCxF1psVgUjvP0sssWqG nn/wq+/BeQ8VuOxj07bjPd/JkvcM6gi8eo+mJVdDcK3VRDKefISjMs+zt7LYtkKZ pCIqAjl/ls8jbX/ROC8qyVRo/BVF5QJooQf2wZW7hSYkBeTph6fsbdnGBSyp/Fhg jrqt3ONqqLWzOkDMP0IVnvA4bU2D3tLqivA+rptBPa27YId/wePjeRd/Q3GXGFau CcGJlHzKSDRaEDWdIQsD/m5eFs40WxrqruMK3rlqm6Cc6f7ltkiodxGMCwpGPmPL X60h3gJwSPqQffLpDi+y8wdRtn1gwjarn0fjSf8gzgffQrUYBdMCAwEAAaOCA2Qw ggNgMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQWBBTI GdbKqybokjnL56N9CaSchNMGzzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1Bgwr BgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D UFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGln by5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2 ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2Ny dC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNl Y3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGln by5jb20wLQYDVR0RBCYwJIIOc21hLmpld2Vscy5jb22CEnd3dy5zbWEuamV3ZWxz LmNvbTCCAXsGCisGAQQB1nkCBAIEggFrBIIBZwFlAHUA3dzKNJXX4RYF55Uy+sef +D0cUN/bADoUEnYKLKy7yCoAAAGP/8YJdgAABAMARjBEAiAH+6S+5JeX1GQprADN wxWO4vmfjDke5Oi5DPTY7L/r6QIgY4ajEansk0/myIcmNw+tERav12I48q7YZ2Ax otZA2WYAdQAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAY//xgoH AAAEAwBGMEQCIEjgSQ45gELglzkVt5u4FqANGpkvnFFGh1w47BiibwRXAiBfLiej TKeyNCYmB6CieVWT2dQrwrhout0q9UWh4Do3MgB1ABLxTjS9U3JMhAYZw48/ehP4 57Vih4icbTAFhOvlhiY6AAABj//GCRoAAAQDAEYwRAIgWvDLWql0xD4ScPzlmlYU kS251vPelO2DQIMYLWAlQB0CIDx7gEyl1WXlBTwGCZT/riG6Wx/r0dTbZ1+Xc/oc mSDtMA0GCSqGSIb3DQEBCwUAA4IBAQA5Oh0E0TxV1Ca+TXP0C8WFw6wQRnshhQdG wbDq+KN0JBRDetD4zz2V+6rrFWNWUeWltYHEmhuVh2BTDzdiVz5CRLBCawNlIIaN +Vja2hDjgCgDREnMxhC4YmKnKECHeg8sT3584Mfe7gpkgBKpri/ETIWvEmhi5S9E h4QJkQ+GkQ4XYi9T2EDF+n4WuOCUYqwSdK9HIrAQlc0b34W/LNh2jkX/VM7D7mm7 YnKsux3s/tWJ2rU0ae4VAVaRp95qrxhgZ2O3DOS32YUPgc4gCzbGZkZloWz30L4a wDEQDrqlCbUJOaLEoHGJPgjmFbchvHcFo3jIKt8qIrmNBOHFUz59 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4pRYj3RkHUZ+w5ALEXW mxWBSO8/Syyxaoaef/Cr78F5DxW47GPTtuM938mS9wzqCLx6j6YlV0NwrdVEMp58 hKMyz7O3sti2QpmkIioCOX+WzyNtf9E4LyrJVGj8FUXlAmihB/bBlbuFJiQF5OmH p+xt2cYFLKn8WGCOuq3c42qotbM6QMw/QhWe8DhtTYPe0uqK8D6um0E9rbtgh3/B 4+N5F39DcZcYVq4JwYmUfMpINFoQNZ0hCwP+bl4WzjRbGuqu4wreuWqboJzp/uW2 SKh3EYwLCkY+Y8tfrSHeAnBI+pB98ukOL7LzB1G2fWDCNqufR+NJ/yDOB99CtRgF 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 282449825866981745974845145243349101139 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-10 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Signet Group Services US Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sma.jewels.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21150004030546725168917097600844881282155573680799370287713281835766253307969889668645270784912744663238825120378829427137982645042302031893851634511171169191123041709793301026579732034574532937640116611548667206775245445616512584842408847694666122572432226922357783340123311844251801954325705683421990596600064780359696149457643437468168483738120985251306538957332268294162915173713590691937794023085175179863646021199288609387819222289554792664620076316142054907673540876929371671112782194287155311028225005912500297966056080278220416078879711393287888065143908812119894270758786792181537321431817630137118543578579 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c819d6caab26e89239cbe7a37d09a49c84d306cf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sma.jewels.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sma.jewels.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes) 0165007500dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000018fffc609760000040300463044022007fba4bee49797d46429ac00cdc3158ee2f99f8c391ee4e8b90cf4d8ecbfebe902206386a311a9ec934fe6c88726370fad1116afd76238f2aed8676031a2d640d9660075000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa340000018fffc60a070000040300463044022048e0490e398042e0973915b79bb816a00d1a992f9c5146875c38ec18a26f045702205f2e27a34ca7b234262607a0a2795593d9d42bc2b868badd2af545a1e03a373200750012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a0000018fffc6091a000004030046304402205af0cb5aa974c43e1270fce59a5614912db9d6f3de94ed834083182d6025401d02203c7b804ca5d565e5053c060994ffae21ba5b1febd1d4db675f9773fa1c9920ed . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00393a1d04d13c55d426be4d73f40bc585c3ac10467b21850746c1b0eaf8a3742414437ad0f8cf3d95fbaaeb15635651e5a5b581c49a1b958760530f3762573e4244b0426b036520868df958dada10e38028034449ccc610b86262a72840877a0f2c4f7e7ce0c7deee0a648012a9ae2fc44c85af126862e52f44878409910f86910e17622f53d840c5fa7e16b8e09462ac1274af4722b01095cd1bdf85bf2cd8768e45ff54cec3ee69bb6272acbb1decfed589dab53469ee15015691a7de6aaf18606763b70ce4b7d9850f81ce200b36c6664665a16cf7d0be1ac031100ebaa509b50939a2c4a071893e08e615b721bc7705a378c82adf2a22b98d04e1c5533e7d