secure07.stage.lithium.com

- Lithium Technologies, Inc. -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 0f:42:23:5a:ba:ce:aa:b9:a5:db:db:e7:68:c8:b3:ac was issued on by DigiCert Inc.

With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Lithium Technologies, Inc.

Organization: Lithium Technologies, Inc.
Organization unit: TechOps
State / Province: California
Locality: San Francisco
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:42:23:5a:ba:ce:aa:b9:a5:db:db:e7:68:c8:b3:ac
Serial Number (int): 20281828602121847581807265926536016812
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 9b:9a:62:b3:72:92:a6:31:ee:2e:64:c8:be:bc:18:2f:bd:1b:a1:34
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): 77:d1:a6:88:df:0e:8f:51:03:db:e0:6b:fc:0b:1f:42:58:ae:b3:5c
Fingerprint (sha256): 5c:eb:57:6c:f2:6c:ea:76:e7:72:da:2b:39:50:b8:36:64:16:92:a9:a2:0a:8e:55:0c:ed:3b:74:37:c3:40:fc

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl

Check the revocation status for certificate secure07.stage.lithium.com

15

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure07.stage.lithium.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure07.stage.lithium.com
community-stage.qvc.com
stage-community.postgresrocks.net
community-stage.360insights.com
stageforum.videotron.com
staging.forums.br.leagueoflegends.com
ppjuiceforums.verizonwireless.com
community-stage.infogain.com
community.qa3.sephora.com
securechat-stage.sprint.com
community-stage2.netgear.com
supportforums-stage.cisco.com
communitystage.illumina.com
community.stage.ptc.com
community-staging.meraki.com

Other certificates including the domain name lithium.com

(limited to 100 certificates)
secure06.stage.lithium.com
secure07.stage.lithium.com
secure07.stage.lithium.com
campus.lithium.com
statuspage.io
secure03.stage.lithium.com
secure07.lithium.com
vanity3.lithium.com
ebay01.secure.lithium.com
polycom.stage.lithium.com
secure04.stage.lithium.com
secure06.stage.lithium.com
sane01.secure.lithium.com
secure02.lithium.com
secure06.lithium.com
secure08.lithium.com
amp-forms.lithium.com
secure05.stage.lithium.com
mediasaturn01.secure.stage.lithium.com
secure08.lithium.com
statuspage.io
statuspage.io
vanity4.lithium.com
secure03.lithium.com
secure09.lithium.com
campus.lithium.com
secure01.preprod.lithium.com
statuspage.io
secure08.lithium.com
secure05.lithium.com
sane01.secure.lithium.com
secure06.lithium.com
secure03.stage.lithium.com
secure02.lithium.com
secure08.lithium.com
ak-att01.secure.lithium.com
secure08.lithium.com
statuspage.io
secure01.lithium.com
secure03.stage.lithium.com
secure05.stage.lithium.com
secure01.lithium.com
secure03.lithium.com
secure04.lithium.com
secure02.stage.lithium.com
secure04.stage.lithium.com
secure04.lithium.com
bmw01.secure.stage.lithium.com
sane01.secure.lithium.com
bosch01.secure.stage.lithium.com
secure04.stage.lithium.com
secure02.stage.lithium.com
secure06.stage.lithium.com
kvoqx44227.stage.lithium.com
*.socialweb.stage.lithium.com
duamz84957.lithium.com
ekzqi67577.lithium.com
vodafone01.secure.lithium.com
secure07.lithium.com
secure06.lithium.com
statuspage.io
secure07.stage.lithium.com
statuspage.io
secure06.lithium.com
secure03.stage.lithium.com
secure04.stage.lithium.com
secure03.lithium.com
secure05.stage.lithium.com
secure04.lithium.com
wpxey54623.lithium.com
secure01.lithium.com
bmw01.secure.stage.lithium.com
statuspage.io
pvsmt99345.lithium.com
secure02.stage.lithium.com
secure01.preprod.lithium.com
secure02.lithium.com
secure01.stage.lithium.com
secure04.stage.lithium.com
statuspage.io
secure02.lithium.com
secure05.lithium.com
statuspage.io
vanity3.lithium.com
google01.secure.lithium.com
cdapi.lithium.com
secure06.lithium.com
statuspage.io
secure03.stage.lithium.com
secure07.stage.lithium.com
statuspage.io
statuspage.io
secure07.lithium.com
secure06.stage.lithium.com
secure08.lithium.com
ak-google01.secure.lithium.com
sane01.secure.lithium.com
statuspage.io
statuspage.io
mediasaturn01.secure.stage.lithium.com

Certificate

The complete raw certificate details for secure07.stage.lithium.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHNDCCBhygAwIBAgIQD0IjWrrOqrml29vnaMizrDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNzA1MjUwMDAwMDBaFw0xODA1MTYxMjAwMDBa
MIGWMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN
U2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaTGl0aGl1bSBUZWNobm9sb2dpZXMsIElu
Yy4xEDAOBgNVBAsTB1RlY2hPcHMxIzAhBgNVBAMTGnNlY3VyZTA3LnN0YWdlLmxp
dGhpdW0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOR3oJEs
y+3MVc6Nb+ICL6ctDZoH+q8ujZRwgJqQPpCkmQbP4YxCmjz3GPaqEH8oTbRX84gm
pgjkCJo4vXmzFDHOfm2VCbTiEaYUbQahtrxEh1rbTxrPsLlDNXUvbgbmcrrUxWpE
UBMiIzg6Q1xG6g+tXLoA5Mpar5F0uA/PNGIZIycmtI1NV93RWylaGeglHQQ/Z052
uF5xCyR/GPnPznkMjaVkCpRQuGF1jyQFmhLTnYqklybFTIr4ctFUKG87Tn1KO5rs
Tce4ykUew0efOm0qcnBpCnoRIH3QGP+c6eJ6KTFwcbwv2DVPCHuv4u8r7zBekPAE
Lv+sWD2iWshYUwIDAQABo4IDoTCCA50wHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNll
ZGKiErhZcjswHQYDVR0OBBYEFJuaYrNykqYx7i5kyL68GC+9G6E0MIIB0QYDVR0R
BIIByDCCAcSCGnNlY3VyZTA3LnN0YWdlLmxpdGhpdW0uY29tghdjb21tdW5pdHkt
c3RhZ2UucXZjLmNvbYIhc3RhZ2UtY29tbXVuaXR5LnBvc3RncmVzcm9ja3MubmV0
gh9jb21tdW5pdHktc3RhZ2UuMzYwaW5zaWdodHMuY29tghhzdGFnZWZvcnVtLnZp
ZGVvdHJvbi5jb22CJXN0YWdpbmcuZm9ydW1zLmJyLmxlYWd1ZW9mbGVnZW5kcy5j
b22CIXBwanVpY2Vmb3J1bXMudmVyaXpvbndpcmVsZXNzLmNvbYIcY29tbXVuaXR5
LXN0YWdlLmluZm9nYWluLmNvbYIZY29tbXVuaXR5LnFhMy5zZXBob3JhLmNvbYIb
c2VjdXJlY2hhdC1zdGFnZS5zcHJpbnQuY29tghxjb21tdW5pdHktc3RhZ2UyLm5l
dGdlYXIuY29tgh1zdXBwb3J0Zm9ydW1zLXN0YWdlLmNpc2NvLmNvbYIbY29tbXVu
aXR5c3RhZ2UuaWxsdW1pbmEuY29tghdjb21tdW5pdHkuc3RhZ2UucHRjLmNvbYIc
Y29tbXVuaXR5LXN0YWdpbmcubWVyYWtpLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0
dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNS5jcmwwNKAy
oDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNS5j
cmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwgYMGCCsGAQUFBwEBBHcw
dTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUF
BzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGln
aEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEB
CwUAA4IBAQCNZ5qeK791+nsaY5077Nq3q9tQ4jF7TdmZvdM5KNAzS0gh55tKTBJH
GszRpObVuaD3Micmp6JTHx8DWPU4Er7onxQLXA5WsXhawRbk1dzIA/sSijcIj3ZR
JVQvkQehpMiIq/xpXLg5x5f9eRKmHQH8DAqmVtQ2i/knPAbRK3ihzydSuosafTC7
W6i/vz9jdDyS+CbkRDO/wRD3Kn0irt+P2ffL0hqo9qvI/yy2KuZjwAhqpuzVSSMA
8YcSJI2MlS40NJO2dq1dHuwJBNojGQLBjFBKfu+vorwmFP61e8hwqwfTzQ6lotZa
TWPSxq79h5qBvxLofV6qDT5n7acSEw4O
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOR3oJEsy+3MVc6Nb+IC
L6ctDZoH+q8ujZRwgJqQPpCkmQbP4YxCmjz3GPaqEH8oTbRX84gmpgjkCJo4vXmz
FDHOfm2VCbTiEaYUbQahtrxEh1rbTxrPsLlDNXUvbgbmcrrUxWpEUBMiIzg6Q1xG
6g+tXLoA5Mpar5F0uA/PNGIZIycmtI1NV93RWylaGeglHQQ/Z052uF5xCyR/GPnP
znkMjaVkCpRQuGF1jyQFmhLTnYqklybFTIr4ctFUKG87Tn1KO5rsTce4ykUew0ef
Om0qcnBpCnoRIH3QGP+c6eJ6KTFwcbwv2DVPCHuv4u8r7zBekPAELv+sWD2iWshY
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20281828602121847581807265926536016812
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-16 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lithium Technologies, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TechOps'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure07.stage.lithium.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24855369194873565300192419168056982278874738974769210309600872029529808116519643407896017851273075374448988398566107992500742356389022570262324376551348858997826170263230114439898420992315570128237692139447414307286693363170826909864677172725985570144405286901211266324361716704985918374868505570578770930857059592365523890826468960823854174376545823627355148164093363290631552722021205464443097082607683909728417756455408267651062831709821199650874123104306565820017631636716165807910765086539444107926671181965994350771186025661274198271487075336752738582168400104636815607638004957576419287728005005964463091243091
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9b9a62b37292a631ee2e64c8bebc182fbd1ba134
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (456 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure07.stage.lithium.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community-stage.qvc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage-community.postgresrocks.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community-stage.360insights.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stageforum.videotron.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.forums.br.leagueoflegends.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ppjuiceforums.verizonwireless.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community-stage.infogain.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community.qa3.sephora.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securechat-stage.sprint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community-stage2.netgear.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'supportforums-stage.cisco.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'communitystage.illumina.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community.stage.ptc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community-staging.meraki.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008d679a9e2bbf75fa7b1a639d3becdab7abdb50e2317b4dd999bdd33928d0334b4821e79b4a4c12471accd1a4e6d5b9a0f7322726a7a2531f1f0358f53812bee89f140b5c0e56b1785ac116e4d5dcc803fb128a37088f765125542f9107a1a4c888abfc695cb839c797fd7912a61d01fc0c0aa656d4368bf9273c06d12b78a1cf2752ba8b1a7d30bb5ba8bfbf3f63743c92f826e44433bfc110f72a7d22aedf8fd9f7cbd21aa8f6abc8ff2cb62ae663c0086aa6ecd5492300f18712248d8c952e343493b676ad5d1eec0904da231902c18c504a7eefafa2bc2614feb57bc870ab07d3cd0ea5a2d65a4d63d2c6aefd879a81bf12e87d5eaa0d3e67eda712130e0e