san1.daznservices.com

- DAZN Limited -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 02:43:bb:20:a6:14:e3:5e:18:8b:d3:f2:70:b0:32:80 was issued on by DigiCert Inc.

With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

DAZN Limited

Organization: DAZN Limited
Locality: London
Country: GB

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:43:bb:20:a6:14:e3:5e:18:8b:d3:f2:70:b0:32:80
Serial Number (int): 3010135278388512375437107150883664512
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 54:b2:fd:85:40:5a:3d:23:48:f6:f6:f2:62:e0:ec:b4:e0:c9:67:7e
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 5c:75:3b:13:6d:49:7b:12:27:98:a5:8b:e5:8e:f4:12:90:4a:42:bf
Fingerprint (sha256): 55:20:0c:60:96:98:5e:ca:de:7f:fe:07:15:44:01:8a:bf:61:d0:9b:27:cf:bf:a6:3f:1e:ff:99:7d:bc:fa:32

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate san1.daznservices.com

23

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for san1.daznservices.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

san1.daznservices.com
api.bm.daznservices.com
api.daznfeeds.com
api.stage.daznfeeds.com
cmsimages.dazn.com
ep.daznfeeds.com
ep.stage.daznfeeds.com
fta.daznfeeds.com
fta.stage.daznfeeds.com
images-cdn-stag.dazn.com
images-cdn.dazn.com
images.daznservices.com
images.preprod.daznservices.com
images.stage.daznservices.com
oauth.daznservices.com
player.daznfeeds.com
player.daznservices.com
player.stage.daznfeeds.com
secsynmedia-download.daznservices.com
secure-geolocation.daznservices.com
vod.premrugby.aka.oss1.daznservices.com
widgets.bm.daznservices.com
www.daznplayer.com

Other certificates including the domain name daznservices.com

(limited to 100 certificates)
san15.performgroup.com
rails-management.daznservices.com
san17.performgroup.com
*.daznservices.com
ra.daznservices.com
san15.performgroup.com
stage.rails-management.daznservices.com
san18.performgroup.com
san18.performgroup.com
stage.rails-management.daznservices.com
san1.daznservices.com
san2.daznservices.com
san1.daznservices.com
san17.performgroup.com
san17.performgroup.com
san18.performgroup.com
stage.rails-management.daznservices.com
san15.performgroup.com
rails-management.daznservices.com
san1.daznservices.com
san1.daznservices.com
*.stage.daznservices.com
san18.performgroup.com
san2.daznservices.com
dev.rails-management.daznservices.com
san1.daznservices.com
san15.performgroup.com
san15.performgroup.com
san2.daznservices.com
san15.performgroup.com
san18.performgroup.com
san1.daznservices.com
san2.daznservices.com
san18.performgroup.com
san2.daznservices.com
san15.performgroup.com
san18.performgroup.com
san1.daznservices.com
san1.daznservices.com
san18.performgroup.com
san2.daznservices.com
san15.performgroup.com
san1.daznservices.com
san1.daznservices.com
dev.rails-management.daznservices.com
san1.daznservices.com
*.performgroup.com
san15.performgroup.com
san2.daznservices.com
san2.daznservices.com
san15.performgroup.com
ra.daznservices.com
san1.daznservices.com
san1.daznservices.com
san15.performgroup.com
san2.daznservices.com
san17.performgroup.com
san1.daznservices.com
san1.daznservices.com
san17.performgroup.com
test.rails-management.daznservices.com
ra.daznservices.com
*.dc1.daznservices.com
san2.daznservices.com
san1.daznservices.com
test.rails-management.daznservices.com
san1.daznservices.com
san1.daznservices.com
san17.performgroup.com
san2.daznservices.com
san1.daznservices.com
san1.daznservices.com
san15.performgroup.com
*.daznservices.com
san18.performgroup.com
san18.performgroup.com
san2.daznservices.com
san15.performgroup.com
ra.daznservices.com
*.dev.daznservices.com
san15.performgroup.com
ra.daznservices.com
san15.performgroup.com
san18.performgroup.com
san15.performgroup.com
san2.daznservices.com
dev.rails-management.daznservices.com
san15.performgroup.com
san15.performgroup.com
san18.performgroup.com
san15.performgroup.com
san2.daznservices.com
san17.performgroup.com
san17.performgroup.com
san18.performgroup.com
san1.daznservices.com
san1.daznservices.com
*.performgroup.com
san1.daznservices.com
test.rails-management.daznservices.com

Certificate

The complete raw certificate details for san1.daznservices.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHfjCCBmagAwIBAgIQAkO7IKYU414Yi9PycLAygDANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzAzMzAwMDAwMDBa
Fw0yNDAxMDYyMzU5NTlaMFUxCzAJBgNVBAYTAkdCMQ8wDQYDVQQHEwZMb25kb24x
FTATBgNVBAoTDERBWk4gTGltaXRlZDEeMBwGA1UEAxMVc2FuMS5kYXpuc2Vydmlj
ZXMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mo0mfTuhvKt
Tdl7NolIXSOC4yAr7BQ0k/xuTU//xmWjM1xfn2WeP4OMsdH0qFIpMPu+my3Fl4IU
76Ur5j/yDpHvhd8IMbR2+EsIVVp0xKCRHVhfKGUU2Fx8RRsidZtHA30exqE2R+rP
ddhA1kuaDKlPt1D2xwyzpIfwmoAOZ18Eamyyu+Vpz1dv7wO3d3YzUE8PnI5rI5jc
WVWr0InuWwJjSoT4m5yu+Ioys7KxvPE4r4fAIKvd30RPfZl7ddvU/hRKETYGfnU1
TqA31LsdTcaqJRyWX7xW6XBjCwx9H80fLAflEDRhNl2SKivjVjcTp2dUj1a1bYDs
7VIyJT7sfQIDAQABo4IETjCCBEowHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iy
xZV2ufQwHQYDVR0OBBYEFFSy/YVAWj0jSPb28mLg7LTgyWd+MIICZAYDVR0RBIIC
WzCCAleCFXNhbjEuZGF6bnNlcnZpY2VzLmNvbYIXYXBpLmJtLmRhem5zZXJ2aWNl
cy5jb22CEWFwaS5kYXpuZmVlZHMuY29tghdhcGkuc3RhZ2UuZGF6bmZlZWRzLmNv
bYISY21zaW1hZ2VzLmRhem4uY29tghBlcC5kYXpuZmVlZHMuY29tghZlcC5zdGFn
ZS5kYXpuZmVlZHMuY29tghFmdGEuZGF6bmZlZWRzLmNvbYIXZnRhLnN0YWdlLmRh
em5mZWVkcy5jb22CGGltYWdlcy1jZG4tc3RhZy5kYXpuLmNvbYITaW1hZ2VzLWNk
bi5kYXpuLmNvbYIXaW1hZ2VzLmRhem5zZXJ2aWNlcy5jb22CH2ltYWdlcy5wcmVw
cm9kLmRhem5zZXJ2aWNlcy5jb22CHWltYWdlcy5zdGFnZS5kYXpuc2VydmljZXMu
Y29tghZvYXV0aC5kYXpuc2VydmljZXMuY29tghRwbGF5ZXIuZGF6bmZlZWRzLmNv
bYIXcGxheWVyLmRhem5zZXJ2aWNlcy5jb22CGnBsYXllci5zdGFnZS5kYXpuZmVl
ZHMuY29tgiVzZWNzeW5tZWRpYS1kb3dubG9hZC5kYXpuc2VydmljZXMuY29tgiNz
ZWN1cmUtZ2VvbG9jYXRpb24uZGF6bnNlcnZpY2VzLmNvbYIndm9kLnByZW1ydWdi
eS5ha2Eub3NzMS5kYXpuc2VydmljZXMuY29tght3aWRnZXRzLmJtLmRhem5zZXJ2
aWNlcy5jb22CEnd3dy5kYXpucGxheWVyLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyG
Omh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIw
MjBDQTEtNC5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp
Q2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwPgYDVR0gBDcwNTAzBgZngQwB
AgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH8G
CCsGAQUFBwEBBHMwcTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
Y29tMEkGCCsGAQUFBzAChj1odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
aUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3J0MAkGA1UdEwQCMAAwEwYKKwYB
BAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBALGrh9M+tgvPY0eN9qlN
Y46DcrhvK8uER1KBGmit74Fq5r/VwNaD329xkHA5Lz4bitAeadU6dJWn4sqysc9i
D3eMKjGTdo62W0zqwZnGqdcMstZUPLzJqOXVde17Kt5DLZM2PEeXOsZc0CmLxCQM
+lFAxKeN1GomOU/FUySqiQP8vF12f3FK/1/+plAy02pJtpW6u9+RAX7fYg1Nwf6S
qMn/5ay5iLHmrJngiOg0Xskpb44IgarSCL1qUBKs1uOl3RBAMA3IVlU3JqBD2cz1
bdVcgbgKVJOQ6Ns28iSdDinFwqP8GjgKmGXsvkJ5VghsQQi++CNay3mgSKy46i1S
j4c=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mo0mfTuhvKtTdl7NolI
XSOC4yAr7BQ0k/xuTU//xmWjM1xfn2WeP4OMsdH0qFIpMPu+my3Fl4IU76Ur5j/y
DpHvhd8IMbR2+EsIVVp0xKCRHVhfKGUU2Fx8RRsidZtHA30exqE2R+rPddhA1kua
DKlPt1D2xwyzpIfwmoAOZ18Eamyyu+Vpz1dv7wO3d3YzUE8PnI5rI5jcWVWr0Inu
WwJjSoT4m5yu+Ioys7KxvPE4r4fAIKvd30RPfZl7ddvU/hRKETYGfnU1TqA31Lsd
TcaqJRyWX7xW6XBjCwx9H80fLAflEDRhNl2SKivjVjcTp2dUj1a1bYDs7VIyJT7s
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3010135278388512375437107150883664512
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DAZN Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'san1.daznservices.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26562415914123643989830892831320505507230093277065786233755027201641331065850557489860654054734307431601940864568023015210773720569887483566755345758400890023839814309049407959737974470556317189300210906114452754244323890754831475634727501359290296263887805566661585779536342711172607333522691757227342848896114617985305097758802189912440610243351732325270440645598462946198872673745586373336309554749648126718523233882427485991365778104437398828714525584830448962916507268461737453787804758080763138789491085063679178081451343119036131024404830833211125322235710057760106136305208011898291852242727864203199920401533
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							54b2fd85405a3d2348f6f6f262e0ecb4e0c9677e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'san1.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.bm.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.stage.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmsimages.dazn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ep.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ep.stage.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fta.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fta.stage.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images-cdn-stag.dazn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images-cdn.dazn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.preprod.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.stage.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oauth.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'player.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'player.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'player.stage.daznfeeds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secsynmedia-download.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure-geolocation.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vod.premrugby.aka.oss1.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'widgets.bm.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.daznplayer.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b1ab87d33eb60bcf63478df6a94d638e8372b86f2bcb844752811a68adef816ae6bfd5c0d683df6f719070392f3e1b8ad01e69d53a7495a7e2cab2b1cf620f778c2a3193768eb65b4ceac199c6a9d70cb2d6543cbcc9a8e5d575ed7b2ade432d93363c47973ac65cd0298bc4240cfa5140c4a78dd46a26394fc55324aa8903fcbc5d767f714aff5ffea65032d36a49b695babbdf91017edf620d4dc1fe92a8c9ffe5acb988b1e6ac99e088e8345ec9296f8e0881aad208bd6a5012acd6e3a5dd1040300dc856553726a043d9ccf56dd55c81b80a549390e8db36f2249d0e29c5c2a3fc1a380a9865ecbe427956086c4108bef8235acb79a048acb8ea2d528f87