XP Investimentos S/A

- XP Investimentos S/A -

Issued by DigiCert Verified Mark RSA4096 SHA256 2021 CA1

About this certificate

This digital certificate with serial number 05:03:5d:bf:4c:19:82:0c:69:04:3b:c7:0c:50:27:f7 was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

XP Investimentos S/A

Company registration number: 16.838.421/0001-26
Organization: XP Investimentos S/A
Address: Av. Chedid Jafet, 75 - Torre Sul - Vila Olímpia
Locality: São Paulo
Country: BR

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:03:5d:bf:4c:19:82:0c:69:04:3b:c7:0c:50:27:f7
Serial Number (int): 6663618289724061705726066142477297655
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 53:72:18:89:46:ea:d0:e8:0d:f9:5e:21:d4:16:4e:91:c4:d4:3f:c2
AuthorityKeyId: be:9f:bd:8d:57:6d:95:b5:ad:63:c3:97:4e:ab:a8:84:5d:3a:07:f5

Fingerprint (sha1): d2:66:ca:fb:1d:d2:9e:6c:ae:21:2e:13:8e:ef:72:d7:2d:c2:ef:f0
Fingerprint (sha256): 58:16:be:16:15:f8:2b:e2:22:35:88:23:1c:53:44:25:97:b7:cd:5f:81:6d:e4:9f:5c:64:61:42:d1:7c:d3:eb

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crt

Revocation information

CRL Distribution Point: http://crl3.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl

Check the revocation status for certificate XP Investimentos S/A

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for XP Investimentos S/A

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Extended Key Usages

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

maisrico.com.vc
rico.com.vc

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for XP Investimentos S/A in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILFjCCCP6gAwIBAgIQBQNdv0wZggxpBDvHDFAn9zANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNzA1BgNVBAMT
LkRpZ2lDZXJ0IFZlcmlmaWVkIE1hcmsgUlNBNDA5NiBTSEEyNTYgMjAyMSBDQTEw
HhcNMjMwOTAyMDAwMDAwWhcNMjQwODMxMjM1OTU5WjCCATwxEzARBgsrBgEEAYI3
PAIBAxMCQlIxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRswGQYDVQQF
ExIxNi44MzguNDIxLzAwMDEtMjYxCzAJBgNVBAYTAkJSMRMwEQYDVQQHDApTw6Nv
IFBhdWxvMTkwNwYDVQQJDDBBdi4gQ2hlZGlkIEphZmV0LCA3NSAtIFRvcnJlIFN1
bCAtIFZpbGEgT2zDrW1waWExHTAbBgNVBAoTFFhQIEludmVzdGltZW50b3MgUy9B
MR0wGwYDVQQDExRYUCBJbnZlc3RpbWVudG9zIFMvQTEfMB0GCisGAQQBg55fAQ0T
D1JlZ2lzdGVyZWQgTWFyazESMBAGCisGAQQBg55fAQMTAkJSMRkwFwYKKwYBBAGD
nl8BBBMJOTIxMjY4MTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
qh9Sj4gCC/f0B7ucO0UUqPxpWO3xMedR8nrcyrEZIkF55ROnrqnlo11dqUDC0/yj
gBz7aikvQYhX8pZtk12ppSpKECUFvPx0Dw7WdkSvxX8G6BxCKjm3l3J9KdpGvzsT
HV84lRKBEIHFdja2lgtRdX6m0XtYFW3Htj4n7uhofR+o+W3N6Du3D3SBuGoxwqyx
LQm+x89qHiP9cpQ2Adz1lRD7+DychVjVil9GkVfJwJQK0BVObZ3484Cgou6wEslO
aZ8dQFaW0VtCPLgWLSEfvVytsFPQv1RBBozaE/i25moohvj7sw3vBMwZjwn7jm8s
HOCNWEsEWWq5w8tHjRCrowIDAQABo4IF7TCCBekwHwYDVR0jBBgwFoAUvp+9jVdt
lbWtY8OXTquohF06B/UwHQYDVR0OBBYEFFNyGIlG6tDoDfleIdQWTpHE1D/CMCcG
A1UdEQQgMB6CD21haXNyaWNvLmNvbS52Y4ILcmljby5jb20udmMwEwYDVR0lBAww
CgYIKwYBBQUHAx8wgaUGA1UdHwSBnTCBmjBLoEmgR4ZFaHR0cDovL2NybDMuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0VmVyaWZpZWRNYXJrUlNBNDA5NlNIQTI1NjIwMjFD
QTEuY3JsMEugSaBHhkVodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRW
ZXJpZmllZE1hcmtSU0E0MDk2U0hBMjU2MjAyMUNBMS5jcmwwUAYDVR0gBEkwRzA3
BgpghkgBhv1sAAIFMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQu
Y29tL0NQUzAMBgorBgEEAYOeXwEBMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VmVyaWZpZWRN
YXJrUlNBNDA5NlNIQTI1NjIwMjFDQTEuY3J0MAwGA1UdEwEB/wQCMAAwggNsBggr
BgEFBQcBDASCA14wggNaooIDVqCCA1IwggNOMIIDSjCCA0YWDWltYWdlL3N2Zyt4
bWwwIzAhMAkGBSsOAwIaBQAEFKjlO9BHzsjtbD2t4NDIAojBLIAlMIIDDhaCAwpk
YXRhOmltYWdlL3N2Zyt4bWw7YmFzZTY0LEg0c0lBQUFBQUFBQUNtMVNUVytiUUJB
OW0xOHgzWjRxN1M3N3haZGxIRFZXRytWUUtXcWtYQ3NDR3h1VkFJSzFjZlByTzd0
VWJRNjFzSG5Nekw3MzVwbmR6ZlcxZzR1ZDVuYm9TeUs1SUdEN2VtamEvbGlTczN0
aE9iblpSN3NQak1HZDdlMVV1V0hhd3VkbWVMWnczM1huMllVU3FKUXJMaWs4UHQz
QmwrczRUQTRldXZPUjNmZkFRL0ZwMWRoQ3lvV0EyM1BiTlNBK0FUQ0c5UFBsK042
RUl2QmN6ZlpoR2w3YXpwYkV0ZjB2TnM0RTJxWWtoK3ExYXFvZmtrUWJRUFA5WEpL
VGMrTTJqcGRsNFl2bXczU01sUkFpUmxheWpteXZYZHYvL04rZ0xJb2lEbDBDY0du
dGNqdGNTeUpBZ0U3RDE4dDRrdTA4VmpWNkdTYzcyK2xpQ2RwMnJldnMvbnRiRDd0
NHhkRnVzclVEdE4yVjVPUFg4Q0d3dEkwN2xjU3p3Y20yeDVOYkgyS2NIeXQzK2pl
Zm9IRUN1T1UzWlNUUHFaU21abG9qRWl4SnVLR3E0SkpsQ1VhZFlFY1dQS1BLOEl4
cGdRaVBaQ3dSNFk3TkhLY0UwNWduazRibks5S0s1OUdtRnI2ZFVLbjhXU3hSTGNP
OXpybWlnc3FNcDFSNzhwUnJuT3BRU1RPbGtEWFFLYVl5cGdSNk1ZYW5BUjF5L3dL
Z1lYUkdwVkZJNEVHV2VUV3FVMTRnR1UwMVhqaVg2aHA5RzVUQ1NZbUVhQ2IxOW5Y
R1pZM2VVRnBqVGZ1bGZjMGYwd0hWeU9VUFlpRm42QzliVWFxanpVR0wxSnNJNmly
TC94ajZtK1ViWUs1ZVNva0NkL1g1aFlod0k4MExaaEw4OFNuVkVuZnlxWVM0dFVG
bDdKbUFhaDhGeW11dklYMHJvRFhYUitXWFdPbnBPNm0zOEYvN04zSWYvUWE3ZDkw
RGRBTUFBQT09MIGKBgorBgEEAdZ5AgQCBHwEegB4AHYAVVlTrjCWAIBs0utSCKbJ
npMYKKwQVrRCHFU2FUxfdawAAAGKVGt1DwAABAMARzBFAiBU129JHJZtleyxV2lA
rR63uJssWtigZJ8d9XYr8eiUcAIhAKCaDUbzYI5GbUzv4q/gAfMRUrAS3+AvBSm6
/ynkEoJ8MA0GCSqGSIb3DQEBCwUAA4ICAQDL4c+YVD+1DTY2m6tcj82XBqWq+a4O
samiw+w+7iLlSoSVZsJJeaOhreFkeoHiKwzFF+wXUfnZ/swROpYyCpwE2gfvS+2J
PWMW/5i6qjixjZGGeYbtrLPqIBZAaFy2DJtARueGE48W3ecYdE3ErZuml7gPXL1i
ttX4WBFzDdEVoa6VzqSB/h96fG+bx6TSxykMfo8Mn0BG757l4RgBx9jvVxzhBhEp
WeY7UxCTk+6HsuybvYop9UxQR+vjT98zXx2cD2KB0l1NLi0UKkDIXj0hAWT4wmJf
z/Fta97dyF2V/ZeuL+GOjuKkwjMWRjtueXqeP/MpPVtg5lhzyxu5aLM7Reioq2A3
/hD4D8gSUBVsmuaQgf3feMJMdDkkK6S47wmHbtLhg3GFct8i8CcE8qSI317uTVSj
BeJN8tV7t1jdxfA1C5pQj4Ee5Uv1tDs5JwqCO01E43OrPiK6GvNjpDTpbJGkIBVB
HBUjpTFQU1keiJzphCr3vuSi5A/8NlD9OOuRd/2/+EDqwR5RqFdjX8t8Vl/q6HUW
FZxVoMSChEp7ZGU1o6EwzMAkR+bCJtSaOEUaZT2gMuLhJi+X2JHKyfo8VRTksfKa
DM7Bv42iXZMR1aw6BmAG3n/jpXORjyxhOoG/8fqDwOQ4M8PoxWZN7yIVjpLBLU9q
u28I1IgieNtIaA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh9Sj4gCC/f0B7ucO0UU
qPxpWO3xMedR8nrcyrEZIkF55ROnrqnlo11dqUDC0/yjgBz7aikvQYhX8pZtk12p
pSpKECUFvPx0Dw7WdkSvxX8G6BxCKjm3l3J9KdpGvzsTHV84lRKBEIHFdja2lgtR
dX6m0XtYFW3Htj4n7uhofR+o+W3N6Du3D3SBuGoxwqyxLQm+x89qHiP9cpQ2Adz1
lRD7+DychVjVil9GkVfJwJQK0BVObZ3484Cgou6wEslOaZ8dQFaW0VtCPLgWLSEf
vVytsFPQv1RBBozaE/i25moohvj7sw3vBMwZjwn7jm8sHOCNWEsEWWq5w8tHjRCr
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6663618289724061705726066142477297655
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Verified Mark RSA4096 SHA256 2021 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-31 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '16.838.421/0001-26'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'São Paulo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Av. Chedid Jafet, 75 - Torre Sul - Vila Olímpia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'XP Investimentos S/A'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'XP Investimentos S/A'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.13
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Registered Mark'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.4
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '921268157'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21475957545937890620098942223184896007777912642609056885509981824800269449733223784831886414377826116493304745806487174337576279926954324963199129598745888754084697125184964612363200094822350859996958989297250881543540989812548654756444075681036446006059612043868301175207264585433567197797899143738700760205681343857079195462988823036718900297517395688227746302749214905696080919618248991221231442438713061741471400014623041001662859358221783371148063752840602867723606608716300274322253469824843548205375150590101732644061744656761652776772992385162341699257014652040229618816806044853569240257049686738994763705251
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName be9fbd8d576d95b5ad63c3974eaba8845d3a07f5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5372188946ead0e80df95e21d4164e91c4d43fc2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maisrico.com.vc'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rico.com.vc'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.31
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (157 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.0.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.12 (logoType)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (862 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|true] IA5String 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'image/svg+xml'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.14.3.2.26 (sha1)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
															a8e53bd047cec8ed6c3dade0d0c80288c12c8025
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'data:image/svg+xml;base64,H4sIAAAAAAAACm1STW+bQBA9m18x3Z4q7S77xZdlHDVWG+VQKWqkXCsCGxuVAIK1cfPrO7tUbQ61sHnMzL735pndzfW1g4ud5nboSyK5IGD7emja/liSs3thObnZR7sPjMGd7e1UuWHawudmeLZw33Xn2YUSqJQrLik8Pt3Bl+s4TA4euvOR3ffAQ/Fp1dhCyoWA23PbNSA+ATCG9PPl+N6EIvBczfZhGl7azpbEtf0vNs4E2qYkh+q1aqofkkQbQPP9XJKTc+M2jpdl4Yvmw3SMlRAiRlayjmyvXdv//N+gLIoiDl0CcGntcjtcSyJAgE7D18t4ku08VjV6GSc72+liCdp2revs/ntbD7t4xdFusrUDtN2V5OPX8CGwtI07lcSzwcm2x5NbH2KcHyt3+jefoHECuOU3ZSTPqZSmZlojEixJuKGq4JJlCUadYEcWPKPK8IxpgQiPZCwR4Y7NHKcE05gnk4bnK9KK59GmFr6dUKn8WSxRLcO9zrmigsqMp1R78pRrnOpQSTOlkDXQKaYypgR6MYanAR1y/wKgYXRGpVFI4EGWeTWqU14gGU01XjiX6hp9G5TCSYmEaCb19nXGZY3eUFpjTfulfc0f0wHVyOUPYiFn6C9bUaqjzUGL1JsI6irL/xj6m+UbYK5eSokCd/X5hYhwI80LZhL88SnVEnfyqYS4tUFl7JmAah8FymuvIX0roDXXR+WXWOnpO6m38F/7N3If/Qa7d90DdAMAAA=='
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:0|false] reserved for BER 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00cbe1cf98543fb50d36369bab5c8fcd9706a5aaf9ae0eb1a9a2c3ec3eee22e54a849566c24979a3a1ade1647a81e22b0cc517ec1751f9d9fecc113a96320a9c04da07ef4bed893d6316ff98baaa38b18d91867986edacb3ea201640685cb60c9b4046e786138f16dde718744dc4ad9ba697b80f5cbd62b6d5f85811730dd115a1ae95cea481fe1f7a7c6f9bc7a4d2c7290c7e8f0c9f4046ef9ee5e11801c7d8ef571ce106112959e63b53109393ee87b2ec9bbd8a29f54c5047ebe34fdf335f1d9c0f6281d25d4d2e2d142a40c85e3d210164f8c2625fcff16d6bdeddc85d95fd97ae2fe18e8ee2a4c23316463b6e797a9e3ff3293d5b60e65873cb1bb968b33b45e8a8ab6037fe10f80fc81250156c9ae69081fddf78c24c7439242ba4b8ef09876ed2e183718572df22f02704f2a488df5eee4d54a305e24df2d57bb758ddc5f0350b9a508f811ee54bf5b43b39270a823b4d44e373ab3e22ba1af363a434e96c91a42015411c1523a5315053591e889ce9842af7bee4a2e40ffc3650fd38eb9177fdbff840eac11e51a857635fcb7c565feae87516159c55a0c482844a7b646535a3a130ccc02447e6c226d49a38451a653da032e2e1262f97d891cac9fa3c5514e4b1f29a0ccec1bf8da25d9311d5ac3a066006de7fe3a573918f2c613a81bff1fa83c0e43833c3e8c5664def22158e92c12d4f6abb6f08d4882278db4868