promo.avon.kz

- Avon Products Inc -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 09:ce:ee:b4:10:9e:cd:8c:48:10:69:50:da:a6:5c:af was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Avon Products Inc

Organization: Avon Products Inc
Organization unit: Global IT
State / Province: New York
Locality: Rye
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 09:ce:ee:b4:10:9e:cd:8c:48:10:69:50:da:a6:5c:af
Serial Number (int): 13037506594621080122259769342210497711
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 53:ed:10:6b:4e:dd:f1:74:c6:15:1f:aa:58:05:8a:86:d6:96:9f:1a
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 10:2b:b0:6c:d3:e0:e5:a2:7d:a8:ea:12:4f:05:e6:95:18:df:e8:a7
Fingerprint (sha256): 65:8f:3d:29:0c:ff:08:b7:b2:de:c1:c9:f2:62:e3:d0:96:66:f6:00:02:08:9b:c0:fb:e0:83:fe:9c:77:f8:03

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate promo.avon.kz

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for promo.avon.kz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

promo.avon.kz

Other certificates including the domain name avon.kz

(limited to 100 certificates)
tools.avon.kz
io.avon.kz
go.avon.kz
qaf.office.avon.kz
tools.avon.kz
tools.avon.kz
static1.br.avon.com
avon.kz
tools.avon.kz
static1.br.avon.com
promo.avon.kz
my.avon.kz
drupal.avon.com.ar
static1.br.avon.com
static1.br.avon.com
dnevniki.avon.kz
drupal.avon.com.ar
static1.br.avon.com
static1.br.avon.com
www.avon.kz
qaf.office.avon.kz
avon.kz
kz.avon.com
static1.br.avon.com
my.avon.kz
static1.br.avon.com
static1.br.avon.com
static1.br.avon.com
www.avon.kz
promo.avon.kz
static1.br.avon.com
static1.br.avon.com
static1.br.avon.com
my.avon.kz
qaf.office.avon.kz
qaf.office.avon.kz
static1.br.avon.com
promo.avon.kz
static1.br.avon.com
static1.br.avon.com
io.avon.kz
dnevniki.avon.kz
static1.br.avon.com
static1.br.avon.com
promo.avon.kz
www.avon.kz
static1.br.avon.com
dnevniki.avon.kz
tools.avon.kz
dnevniki.avon.kz
go.avon.kz
static1.br.avon.com
static1.br.avon.com
www.avon.kz
static1.br.avon.com
*.avon.kz
promo.avon.kz
go.avon.kz
*.office.avon.kz
static1.br.avon.com
dnevniki.avon.kz
static1.br.avon.com
static1.br.avon.com
my.avon.kz
static1.br.avon.com
avon.com
my.avon.kz
promo.avon.kz

Certificate

The complete raw certificate details for promo.avon.kz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGojCCBYqgAwIBAgIQCc7utBCezYxIEGlQ2qZcrzANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwODE0MDAwMDAwWhcN
MjIwODE1MTIwMDAwWjB2MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsx
DDAKBgNVBAcTA1J5ZTEaMBgGA1UEChMRQXZvbiBQcm9kdWN0cyBJbmMxEjAQBgNV
BAsTCUdsb2JhbCBJVDEWMBQGA1UEAxMNcHJvbW8uYXZvbi5rejCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAOQvuwJOweidd0D1EWLLBxq3FGPCLUx2nMbH
1rfrQL4GHPqIo6psQJm8JAjW1xo/4b4Pia3xRUEeQ3FXbq6ui7N6MjMYSXKpi9aP
QWA3aAJa/J96rMREPDF+Ez94vswr1K/InDGC3kNQpzei31pg079+G2c5RR8Wz7qr
f1ihPZUXG+y+GNE2jXJWKK9nAiFbDIDJQCe3cyxRyicG/O/5feobYJWFrK+6IKjC
H3ZxxnJ/0HaRYtpYHo6FoJVTIC3hJGPagZAOLuI8gMJ3ucxleulX4Bfm5+8w9kvP
i0v6vlghiiE/FZBkcgIEsOD6mloi6K+TN4dgORY+DlCBWYlNGwkCAwEAAaOCA1Mw
ggNPMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRT
7RBrTt3xdMYVH6pYBYqG1pafGjAYBgNVHREEETAPgg1wcm9tby5hdm9uLmt6MA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYD
VR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hh
Mi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNo
YTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEW
HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUF
BwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYG
CCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRT
SEEyU2VjdXJlU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQC
BIIBbgSCAWoBaAB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAAB
c+5PaVwAAAQDAEgwRgIhANLfnUyRHU7KcVN64/kQUkcVccfDOQVhbwo+sX5OW7Qz
AiEAmU/H2b7nMej7GTs5KY9uhfpyTyEMiZhAQtiof69/OqUAdQAiRUUHWVUkVpY/
oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXPuT2lrAAAEAwBGMEQCIEvXgRfhXQnK
9G4pV6SJ4kHFXEDG9dPn1kKSvFt97GC8AiBLSB4B6xzjGnuGt5OA+ygcE6Uw6uE5
d+PLSN+E0FVa4AB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAAB
c+5PacYAAAQDAEcwRQIgTD6owpOuKYPsTcdLsjBSfopuSMPrUuJI2k7oUEibs6sC
IQCrjTKebUdOkiZAzmBJXZrtrQkVfg7Qyi8E8DoXGn/p4DANBgkqhkiG9w0BAQsF
AAOCAQEAdSJ1XTg3L+k/+gZ0fUtzpv/QtgzxX7nyiozVh58+CyC9ACV0aZ6kYjKQ
mYxLiiOLmluxcISfDsyb7+FReWEIqeZuCTQgVOWlrQv3TCflte1cBwqy+DYjQE11
FzSTdabd1ylk12tZoOfwLtelvx3dPLcddDkrqKX0+5nz5JVAV8rKw4+SsZrheJQD
Uy5wFzmUq9whK0MBkpcHRJD8eSvbXpuhJsy3ZMNIzkDE+7i/qAk2uHUEV/hasR2m
qB3t208gRhR9/HYXr2XOiypX+FEeeEdZ8Y3oslRuHa8DtOO4kw730hkITVkPc0ay
knszNHViReoUz7Qtp35/Rq2z+XsU7A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5C+7Ak7B6J13QPURYssH
GrcUY8ItTHacxsfWt+tAvgYc+oijqmxAmbwkCNbXGj/hvg+JrfFFQR5DcVdurq6L
s3oyMxhJcqmL1o9BYDdoAlr8n3qsxEQ8MX4TP3i+zCvUr8icMYLeQ1CnN6LfWmDT
v34bZzlFHxbPuqt/WKE9lRcb7L4Y0TaNclYor2cCIVsMgMlAJ7dzLFHKJwb87/l9
6htglYWsr7ogqMIfdnHGcn/QdpFi2lgejoWglVMgLeEkY9qBkA4u4jyAwne5zGV6
6VfgF+bn7zD2S8+LS/q+WCGKIT8VkGRyAgSw4PqaWiLor5M3h2A5Fj4OUIFZiU0b
CQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13037506594621080122259769342210497711
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-14 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-15 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rye'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Avon Products Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Global IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'promo.avon.kz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28805870320993102298128623398710892874277866245897852006014228267807385802470212504897992243962053382901787573225204610745346047269936177506916809561927350588289473670875468018123686041706592713074166932216189001163464898887460872499961945118656480896286387086998987564188433652195775128321966698525240641341490180168930378254236701779785208016972446185064901796907897658960412093021831808584532727343351436634207272479407137867246683999787475182987708543554225852216719330123092968640684350306269592561387617676220025209771765802798397517322009045070734891933863362158256194537976815616667727745074607967333558065929
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							53ed106b4eddf174c6151faa58058a86d6969f1a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'promo.avon.kz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc78400000173ee4f695c0000040300483046022100d2df9d4c911d4eca71537ae3f91052471571c7c33905616f0a3eb17e4e5bb433022100994fc7d9bee731e8fb193b39298f6e85fa724f210c89984042d8a87faf7f3aa50075002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f0200000173ee4f696b000004030046304402204bd78117e15d09caf46e2957a489e241c55c40c6f5d3e7d64292bc5b7dec60bc02204b481e01eb1ce31a7b86b79380fb281c13a530eae13977e3cb48df84d0555ae000760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e500000173ee4f69c6000004030047304502204c3ea8c293ae2983ec4dc74bb230527e8a6e48c3eb52e248da4ee850489bb3ab022100ab8d329e6d474e922640ce60495d9aedad09157e0ed0ca2f04f03a171a7fe9e0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007522755d38372fe93ffa06747d4b73a6ffd0b60cf15fb9f28a8cd5879f3e0b20bd002574699ea4623290998c4b8a238b9a5bb170849f0ecc9befe151796108a9e66e09342054e5a5ad0bf74c27e5b5ed5c070ab2f83623404d7517349375a6ddd72964d76b59a0e7f02ed7a5bf1ddd3cb71d74392ba8a5f4fb99f3e4954057cacac38f92b19ae1789403532e70173994abdc212b43019297074490fc792bdb5e9ba126ccb764c348ce40c4fbb8bfa80936b8750457f85ab11da6a81deddb4f2046147dfc7617af65ce8b2a57f8511e784759f18de8b2546e1daf03b4e3b8930ef7d219084d590f7346b2927b3334756245ea14cfb42da77e7f46adb3f97b14ec