*.cityofhope.org

- City of Hope -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0a:9e:38:81:fc:3c:ff:75:14:4a:a2:bd:50:53:88:b3 was issued on by DigiCert Inc.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

City of Hope

Organization: City of Hope
State / Province: California
Locality: Duarte
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0a:9e:38:81:fc:3c:ff:75:14:4a:a2:bd:50:53:88:b3
Serial Number (int): 14113808974932394715329363051751377075
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b8:8c:0f:f1:b5:08:6e:6f:08:ea:5d:38:ba:cf:ae:6f:36:48:45:b8
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): 51:38:6d:a3:fb:85:fa:f9:de:27:88:64:8f:e1:39:29:30:af:60:22
Fingerprint (sha256): 60:28:58:68:ff:d7:4d:a8:34:81:1c:8e:3f:0b:9e:5c:17:14:ee:89:90:fc:88:7e:3c:bd:aa:1a:45:b3:66:13

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate *.cityofhope.org

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.cityofhope.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.cityofhope.org
www.cityofhope.org
prod-www.cityofhope.org
dev-www.cityofhope.org
stg-www.cityofhope.org
acquia.cityofhope.org
lcguide.cityofhope.org
dev-lcguide.cityofhope.org
stage-lcguide.cityofhope.org
prod-lcguide.cityofhope.org

Other certificates including the domain name cityofhope.org

(limited to 100 certificates)
*.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
san-13-s10.tlsprovisioning.exacttarget.com
sni.cloudflaressl.com
*.cityofhope.org
sni.cloudflaressl.com
secure.cityofhope.org
ssl546023.cloudflaressl.com
apply.gradschool.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
*.cityofhope.org
*.cityofhope.org
www.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
ourhope.cityofhope.org
*.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
events.cityofhope.org
sni.cloudflaressl.com
cityshop.cityofhope.org
sni.cloudflaressl.com
*.cityofhope.org
sni.cloudflaressl.com
cme.cityofhope.org
ssl546022.cloudflaressl.com
ssl546026.cloudflaressl.com
breakthroughs.cityofhope.org
ourhope.cityofhope.org
apis.cityofhope.org
*.cityofhope.org
ourhope.cityofhope.org
ourhope.cityofhope.org
san-13-s10.tlsprovisioning.exacttarget.com
sni.cloudflaressl.com
secure.cityofhope.org
*.cityofhope.org
*.cityofhope.org
RECRUITING.CITYOFHOPE.ORG
*.cityofhope.org
secure.cityofhope.org
ourhope.cityofhope.org
sni.cloudflaressl.com
mask.stayclassy.org
ourhope.cityofhope.org
*.cityofhope.org
*.cityofhope.org
apply.gradschool.cityofhope.org
*.cityofhope.org
mask.stayclassy.org
sni.cloudflaressl.com
*.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
ssl546026.cloudflaressl.com
sni.cloudflaressl.com
care.cityofhope.org
sni.cloudflaressl.com
cityshop.cityofhope.org
*.cityofhope.org
mask.stayclassy.org
secure.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
github.cityofhope.org
ourhope.cityofhope.org
github.cityofhope.org
*.cityofhope.org
sni.cloudflaressl.com
cityshop.cityofhope.org
ourhope.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
mask.stayclassy.org
sni.cloudflaressl.com
sni.cloudflaressl.com
dev-www.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
github.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
ssl330954.cloudflaressl.com
san-13-s10.tlsprovisioning.exacttarget.com
ourhope.cityofhope.org
cme.cityofhope.org
apply.gradschool.cityofhope.org
github.cityofhope.org
ourhope.cityofhope.org
sni.cloudflaressl.com
*.cityofhope.org
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com

Certificate

The complete raw certificate details for *.cityofhope.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHvjCCBqagAwIBAgIQCp44gfw8/3UUSqK9UFOIszANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx
MjA2MDAwMDAwWhcNMjUwMTAzMjM1OTU5WjBlMQswCQYDVQQGEwJVUzETMBEGA1UE
CBMKQ2FsaWZvcm5pYTEPMA0GA1UEBxMGRHVhcnRlMRUwEwYDVQQKEwxDaXR5IG9m
IEhvcGUxGTAXBgNVBAMMECouY2l0eW9maG9wZS5vcmcwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDRWF3RLUlQvM2T6DAbUPdo5iA5fegrLbahYWFjuPEQ
7LUI5ZvRWeqHSiHp5g5J0nlfuNQAdDLiXi2DEGqSAW2cB3U1UVhHnLhRnt/qMYBq
rIscHusm3eAOThUKQsVNvAEjRx5XpgOparqSRKl0NF9Q7iixT1zdW1QoCZl2q+yk
BZVRKP062qLrBMBJaWbwo7neIs7655BKoxjvWo7TFcb6MIDh67uoiNhM2tMsGFFm
Opoa0eqFnAlX0NS4Ltzfv8i8p6cvHITBft09kfixcsn8KP7W5XfHEy6HVImv9abD
I4+WxfhXezthAGjS89I6ioG0O9jSZi5wjRBJ/mTjwpl3AgMBAAGjggR0MIIEcDAf
BgNVHSMEGDAWgBR0hYDAZsffN97PvSk3qgMdvu3NFzAdBgNVHQ4EFgQUuIwP8bUI
bm8I6l04us+ubzZIRbgwggEABgNVHREEgfgwgfWCECouY2l0eW9maG9wZS5vcmeC
End3dy5jaXR5b2Zob3BlLm9yZ4IXcHJvZC13d3cuY2l0eW9maG9wZS5vcmeCFmRl
di13d3cuY2l0eW9maG9wZS5vcmeCFnN0Zy13d3cuY2l0eW9maG9wZS5vcmeCFWFj
cXVpYS5jaXR5b2Zob3BlLm9yZ4IWbGNndWlkZS5jaXR5b2Zob3BlLm9yZ4IaZGV2
LWxjZ3VpZGUuY2l0eW9maG9wZS5vcmeCHHN0YWdlLWxjZ3VpZGUuY2l0eW9maG9w
ZS5vcmeCG3Byb2QtbGNndWlkZS5jaXR5b2Zob3BlLm9yZzA+BgNVHSAENzA1MDMG
BmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D
UFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v
RGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwSKBGoESG
Qmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNB
U0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzAB
hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9j
YWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2
MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8E
ggFrAWkAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAYxBahwN
AAAEAwBIMEYCIQDp8rYjk8DH/pwcUEVVFBCt9Cq0QLjHoskMmW9IxkY88gIhANSs
eUxsoE3KyAM4JCX5iFCvTPQtVucwvmx9O9ZaPPPLAHYAPxdLT9ciR1iUHWUchL4N
Eu2QN38fhWrrwb8ohez4ZG4AAAGMQWocPQAABAMARzBFAiEA5R5R7h3C/DPGNXzt
NwcLVdt41LfJBmLDJoCIeMADAdECIAJ9cY7dZ+qAviNZfQsLvemL2C/c86pMFo8i
qWQpuM5UAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGMQWoc
LAAABAMARzBFAiBaesY9k0eg7qipYhb9J6EQsTcCzXkJQnMUOqKYSmS7DAIhANpR
Z5WKCPJj6xQ5HcF2cNq/8Kvof+v03IxKPkPnv2+AMA0GCSqGSIb3DQEBCwUAA4IB
AQAA4NC01bkCCo7T9ZH3t4wkTZcbS7NQBw4cNAbOfRyYl8VKz4FKQWu5Poc1V80g
ohcax6wpevpr77I4yEGyja+mh4GqJyIgBsYHcfRAQjooWd1bYVukGaURFFHQDwDn
Uc8iLD68ltYsd2shYFZhsEZ66Q24n5x0Iu2rw8/l0/Z+coMRFE4iNCTNCP9KxodX
A5QVR9D9woYNdwiTSCuUDsxcWbhg5I+swaiJIeZAp045dsM71mi3ePU8VQN0K5N8
DrPHcajyoA0aKcmRpY75MSVK8csXHutFlmdD/pijjzQeNOwA9RFR29m6HhyS3uWk
2TT/JZj08Q0PXzn12T8YRvH2
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vhd0S1JULzNk+gwG1D3
aOYgOX3oKy22oWFhY7jxEOy1COWb0Vnqh0oh6eYOSdJ5X7jUAHQy4l4tgxBqkgFt
nAd1NVFYR5y4UZ7f6jGAaqyLHB7rJt3gDk4VCkLFTbwBI0ceV6YDqWq6kkSpdDRf
UO4osU9c3VtUKAmZdqvspAWVUSj9Otqi6wTASWlm8KO53iLO+ueQSqMY71qO0xXG
+jCA4eu7qIjYTNrTLBhRZjqaGtHqhZwJV9DUuC7c37/IvKenLxyEwX7dPZH4sXLJ
/Cj+1uV3xxMuh1SJr/WmwyOPlsX4V3s7YQBo0vPSOoqBtDvY0mYucI0QSf5k48KZ
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14113808974932394715329363051751377075
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Duarte'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'City of Hope'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.cityofhope.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26427380869827806532231150092172998383060375545049760117401315881790340355702985271603258823907468257324610581498497795350057730770912175068358732909966541893391982955513369294462658944932199874675895581762392873009119245832466584626531558034497624756632892759483968962459335534205253273699665033721730067443971168688879511646672723840688099682612625356472539169217339200666974921372863400081711890179343660071406227178911361042480070092840565163547640564250838536574585195863142760943272295603168682645705387719317603730210777016302920497990271981991478149110287323333248263564770018061237703318467456565927791991159
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b88c0ff1b5086e6f08ea5d38bacfae6f364845b8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (248 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-www.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-www.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-www.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acquia.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lcguide.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-lcguide.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage-lcguide.cityofhope.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-lcguide.cityofhope.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c416a1c0d0000040300483046022100e9f2b62393c0c7fe9c1c5045551410adf42ab440b8c7a2c90c996f48c6463cf2022100d4ac794c6ca04dcac803382425f98850af4cf42d56e730be6c7d3bd65a3cf3cb0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c416a1c3d0000040300473045022100e51e51ee1dc2fc33c6357ced37070b55db78d4b7c90662c326808878c00301d10220027d718edd67ea80be23597d0b0bbde98bd82fdcf3aa4c168f22a96429b8ce540076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c416a1c2c000004030047304502205a7ac63d9347a0eea8a96216fd27a110b13702cd79094273143aa2984a64bb0c022100da5167958a08f263eb14391dc17670dabff0abe87febf4dc8c4a3e43e7bf6f80
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0000e0d0b4d5b9020a8ed3f591f7b78c244d971b4bb350070e1c3406ce7d1c9897c54acf814a416bb93e873557cd20a2171ac7ac297afa6befb238c841b28dafa68781aa27222006c60771f440423a2859dd5b615ba419a5111451d00f00e751cf222c3ebc96d62c776b21605661b0467ae90db89f9c7422edabc3cfe5d3f67e728311144e223424cd08ff4ac6875703941547d0fdc2860d770893482b940ecc5c59b860e48facc1a88921e640a74e3976c33bd668b778f53c5503742b937c0eb3c771a8f2a00d1a29c991a58ef931254af1cb171eeb45966743fe98a38f341e34ec00f51151dbd9ba1e1c92dee5a4d934ff2598f4f10d0f5f39f5d93f1846f1f6