at.shopping.com

- eBay, Inc. -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 6d:51:ea:c7:35:6c:4e:d0:e6:9d:66:98:e6:d1:0f:4a was issued on by Sectigo Limited.

With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

eBay, Inc.

Organization: eBay, Inc.
State / Province: California
Country: US

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): 6d:51:ea:c7:35:6c:4e:d0:e6:9d:66:98:e6:d1:0f:4a
Serial Number (int): 145311189452882387721083975309427019594
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 32:25:59:33:72:f4:b4:c5:e3:75:a9:ef:a0:7e:dd:b2:f1:79:1b:d0
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 3d:60:0c:52:b8:75:cf:f5:2d:5e:a9:3d:61:c2:20:37:48:6f:6d:83
Fingerprint (sha256): 64:17:85:fa:3d:3c:7a:c7:5e:81:c6:9e:a5:b6:61:5b:7a:d0:fe:33:a3:db:04:2a:90:36:79:a2:90:20:44:19

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate at.shopping.com

14

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for at.shopping.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

at.shopping.com
befr.shopping.com
benl.shopping.com
ch.shopping.com
de.shopping.com
es.shopping.com
fr.shopping.com
ie.shopping.com
it.shopping.com
nl.shopping.com
pl.shopping.com
shopping.com
uk.shopping.com
www.shopping.com

Other certificates including the domain name shopping.com

(limited to 100 certificates)
backstory.shopping.com
shopping.com
au.merchant.shopping.com
de.shopping.com
at.shopping.com
backstory.shopping.com
molecule.corp.ebay.com
autotrack.ebay.com
molecule.corp.ebay.com
backstory.shopping.com
at.shopping.com
shopping.com
fr.shopping.com
autotrack.ebay.com
at.shopping.com
shopping.com
shopping.com
de.shopping.com
molecule.corp.ebay.com
partners.shopping.com
at.shopping.com
autotrack.ebay.com
reviews.au.shopping.com
fr.shopping.com
shopping.com
molecule.corp.ebay.com
widgets.shopping.com
*.shopping.com
au.merchant.shopping.com
at.shopping.com
haendler.shopping.com
jrem.shopping.com
at.shopping.com
molecule.corp.ebay.com
merchants.shopping.com
*.ssl-img.shopping.com
molecule.corp.ebay.com
shopping.com
at.shopping.com
shopping.com
www.shopping.com
molecule.corp.ebay.com
shopping.com
at.shopping.com
rem.shopping.com
sandbox.api.shopping.com
autotrack.ebay.com
uk.shopping.com
molecule.corp.ebay.com
backstory.shopping.com
uk.shopping.com
backstory.shopping.com
backstory.shopping.com
*.shopping.com
molecule.corp.ebay.com
molecule.corp.ebay.com
sdc.g.ebay.com
shopping.com
*.ssl-img.shopping.com
*.ssl-img.shopping.com
molecule.corp.ebay.com
shopping.com
sdc.g.ebay.com
*.shopping.com
shopping.com
reviews.uk.shopping.com
autotrack.ebay.com
autotrack.ebay.com
merchant.shopping.com
at.shopping.com
*.shopping.com
shopping.com
ukmerchant.shopping.com
autotrack.ebay.com
backstory.shopping.com
shopping.com
shopping.com
shopping.com
au.shopping.com
*.shopping.com
sdc.g.ebay.com
backstory.shopping.com
sdc.g.ebay.com
developer.shopping.com
*.shopping.com
at.shopping.com
partners.shopping.com

Certificate

The complete raw certificate details for at.shopping.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHqDCCBpCgAwIBAgIQbVHqxzVsTtDmnWaY5tEPSjANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTI0MDQyNTAwMDAwMFoXDTI1MDQyNTIzNTk1OVowUTELMAkGA1UE
BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAoTCmVCYXksIEluYy4x
GDAWBgNVBAMTD2F0LnNob3BwaW5nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK0A7ZCAwh6o1H7hB4LZffatz8irl7Rs44QK73f8TCOeDRMXPmKT
Tc4Mtdk4AAOZxN9lEuOg+NIwJUtgMWl3zuj+q6dn5blEHZHfhQu8pwxo2omaM4dO
Ht9ZnW2Rl2zpq1Ioj/f6FCzNAdMkNEOsX5JhLebXg0b6BihpvzxMadn25OVImyxi
IqmHUuyCYN2RdaZt/Bd5H6QytdTEGVfLvVTPNEC5SMxd9ZkqHSPf+by0Ub/ye3ru
p+1d7LtlReuaNqayO6DT+CzxZfIxkQtsjFJ3dpPOtwCSadrSlTTBk91KkRz1CaKx
+cGRc814sGBd+CvKzvUa7mqobjnAmHs17asCAwEAAaOCBDUwggQxMB8GA1UdIwQY
MBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQWBBQyJVkzcvS0xeN1qe+g
ft2y8Xkb0DAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIBAwQw
JTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIC
MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGln
b1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYoG
CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNv
bS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNB
LmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wggF9Bgor
BgEEAdZ5AgQCBIIBbQSCAWkBZwB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHS
W3fOzDsIAAABjxNEUCsAAAQDAEcwRQIgAb6OOofOX42dKkKdqI4rvaVcVHp7JwXl
HjHyp5VxXd4CIQCD7QaBT0NCD6H0KIGPITI7OpCI1WZESpFnHqVwYZQipQB2AKLj
CuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABjxNET/IAAAQDAEcwRQIh
AIo6vuQoyM8Oxk06Neb6s0vOpTCd9b+Gxn6S6L9Ag+ttAiAOK2sbXVZZ2Rm+QYg+
aX+O0Sr9oDh+jDcaIbXnXPlsxQB1AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6
ZLFimjnfAAABjxNET8EAAAQDAEYwRAIgHKkI+iaoAiAwfoVPLW4OjyVtQPhftSKr
yg68cgeBq6YCIAoXSlcSiT9SANWGofMgtpgEO4GJr5IpQOhoM2DK7MeMMIH7BgNV
HREEgfMwgfCCD2F0LnNob3BwaW5nLmNvbYIRYmVmci5zaG9wcGluZy5jb22CEWJl
bmwuc2hvcHBpbmcuY29tgg9jaC5zaG9wcGluZy5jb22CD2RlLnNob3BwaW5nLmNv
bYIPZXMuc2hvcHBpbmcuY29tgg9mci5zaG9wcGluZy5jb22CD2llLnNob3BwaW5n
LmNvbYIPaXQuc2hvcHBpbmcuY29tgg9ubC5zaG9wcGluZy5jb22CD3BsLnNob3Bw
aW5nLmNvbYIMc2hvcHBpbmcuY29tgg91ay5zaG9wcGluZy5jb22CEHd3dy5zaG9w
cGluZy5jb20wDQYJKoZIhvcNAQELBQADggEBAFes/9c/J+eSWHIVzk99+jXjmUOC
Ctf19QxYSf/ThrgDEcQ+TtY5R/94Za04WYY3WhEoF2Zid4/+jYsjZnTJKCswzT+F
zUvUBiqMtM2g7+tqRxaPKAU3bCb9lOyX1ooN3+z+ObFoBQlZ4aeUZXhwTVj1WsHz
DlLUi0zoTW4uvhZM93zeSs3AuHkhw8OSLkZ8bK2UvgvBOVWulLdmqoj+AWk7obw7
uqw6yOTDKLsXud8Js5kEcDaC6xz+aVYh5QriN/Jm7Blo5j2u/FzAIASrOvtJUaK8
Wvj5GhcDLeub7fAHXjqzHFmv4j5nY5cAgFODxJAExa2mQwbLXmpvGS41Ecw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQDtkIDCHqjUfuEHgtl9
9q3PyKuXtGzjhArvd/xMI54NExc+YpNNzgy12TgAA5nE32US46D40jAlS2AxaXfO
6P6rp2fluUQdkd+FC7ynDGjaiZozh04e31mdbZGXbOmrUiiP9/oULM0B0yQ0Q6xf
kmEt5teDRvoGKGm/PExp2fbk5UibLGIiqYdS7IJg3ZF1pm38F3kfpDK11MQZV8u9
VM80QLlIzF31mSodI9/5vLRRv/J7eu6n7V3su2VF65o2prI7oNP4LPFl8jGRC2yM
Und2k863AJJp2tKVNMGT3UqRHPUJorH5wZFzzXiwYF34K8rO9RruaqhuOcCYezXt
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 145311189452882387721083975309427019594
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'eBay, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'at.shopping.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21839684366173785594170843901968088729893041062861505333283690704516317257650721050850918298603089897510075286921733749674280976173748088383096611047288308436436418496021589610857081581360923209231509228146716487054450541282197516417781953874167248591667936218553375891399398697272042233495377610575654483562651668404556613989139952888257644564473625764641030581726450716028337124531016179284387259096221837488389936811495736215414347403808704509973613453500737258656965483555048719502310124612482786225741889859756835515328620406783390013369846185559215340406582870792360918093111425984052619642045104336405020405163
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3225593372f4b4c5e375a9efa07eddb2f1791bd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f1344502b0000040300473045022001be8e3a87ce5f8d9d2a429da88e2bbda55c547a7b2705e51e31f2a795715dde02210083ed06814f43420fa1f428818f21323b3a9088d566444a91671ea570619422a5007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018f13444ff200000403004730450221008a3abee428c8cf0ec64d3a35e6fab34bcea5309df5bf86c67e92e8bf4083eb6d02200e2b6b1b5d5659d919be41883e697f8ed12afda0387e8c371a21b5e75cf96cc50075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f13444fc1000004030046304402201ca908fa26a80220307e854f2d6e0e8f256d40f85fb522abca0ebc720781aba602200a174a5712893f5200d586a1f320b698043b8189af922940e8683360caecc78c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'at.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'befr.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benl.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ch.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'de.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'es.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ie.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uk.shopping.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shopping.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0057acffd73f27e792587215ce4f7dfa35e39943820ad7f5f50c5849ffd386b80311c43e4ed63947ff7865ad385986375a1128176662778ffe8d8b236674c9282b30cd3f85cd4bd4062a8cb4cda0efeb6a47168f2805376c26fd94ec97d68a0ddfecfe39b168050959e1a7946578704d58f55ac1f30e52d48b4ce84d6e2ebe164cf77cde4acdc0b87921c3c3922e467c6cad94be0bc13955ae94b766aa88fe01693ba1bc3bbaac3ac8e4c328bb17b9df09b39904703682eb1cfe695621e50ae237f266ec1968e63daefc5cc02004ab3afb4951a2bc5af8f91a17032deb9bedf0075e3ab31c59afe23e67639700805383c49004c5ada64306cb5e6a6f192e3511cc