www.kay.com
- Signet Group Services US Inc. -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 08:58:7d:d5:5f:64:0b:58:1d:7d:bb:a7:2f:3a:39:5e was issued on by DigiCert Inc.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Signet Group Services US Inc.
Organization:
Signet Group Services US Inc.
State / Province:
Ohio
Locality: Akron
Country: US
Locality: Akron
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:58:7d:d5:5f:64:0b:58:1d:7d:bb:a7:2f:3a:39:5eSerial Number (int): 11093298296151485898107136415264029022
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 49:56:96:2b:e8:63:91:08:51:91:c0:0a:96:9d:ed:cc:31:81:22:0a
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): 6a:42:3b:63:a1:a8:26:77:f2:a0:5e:0f:27:2f:2b:ed:3c:fe:5c:a8
Fingerprint (sha256): 6e:01:bf:44:e1:89:13:56:46:b5:22:22:87:41:e4:7a:9b:83:55:ce:56:51:37:2d:28:e6:f3:91:54:ae:27:c8
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertSHA2SecureServerCA.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertSHA2SecureServerCA.crl
Check the revocation status for certificate www.kay.com
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kay.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kay.com
videos-aka.kay.com
m.kay.com
levian.kay.com
kay.com
images-aka.kay.com
fpc.kay.com
ecomapi.jewels.com
ampanalytics.kay.com
videos-aka.kay.com
m.kay.com
levian.kay.com
kay.com
images-aka.kay.com
fpc.kay.com
ecomapi.jewels.com
ampanalytics.kay.com
Other certificates including the domain name kay.com
(limited to 100 certificates)
imperva.com
sni191bdgl.wpc.edgecastcdn.net
test.kay.com
mstage.jared.com
stores.kay.com
www2.kay.com
stores.kay.com
www.kay.com
*.classrings.kay.com
sni1d146gl.wpc.edgecastcdn.net
mstage.jared.com
origin-uat1.kay.com
www.kay.com
em.kay.com
t.kay.com
imperva.com
chat.kay.com
chat.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
san2.yext-cdn.com
san2.yext-cdn.com
www.kay.com
test.kay.com
testbridal.kay.com
classrings.kay.com
san2.yext-cdn.com
classrings.kay.com
link.kay.com
link.kay.com
fashion.kay.com
bridal.kay.com
chat.kay.com
t.kay.com
www2.kay.com
www.kay.com
origin-uat1.kay.com
dtm.kay.com
www.kay.com
www.kay.com
test.kay.com
www.kay.com
signetqa.cbi-rings.com
bridal.kay.com
pay.sterlingjewelers.com
san2.yext-cdn.com
perf-creditapis.jewels.com
san2.yext-cdn.com
familyjewelry.kay.com
imperva.com
em.kay.com
locations.c2crestaurants.com
san2.yext-cdn.com
test.kay.com
stores.kay.com
chat.kay.com
www.kay.com
classrings.kay.com
chat.kay.com
san2.yext-cdn.com
em.kay.com
test.kay.com
testpersonalized.kay.com
www.kay.com
san2.yext-cdn.com
smetrics.kay.com
amp-uat3.kay.com
www.kay.com
pay.sterlingjewelers.com
www.kay.com
sni19bd6gl.wpc.edgecastcdn.net
www.kay.com
www.kay.com
pay.kay.com
*.kay.com
pages.email.kay.com
test.kay.com
pt-stores.iqos.com.yext-cdn.com
familyjewelry.kay.com
www.kay.com
m.kay.com
fpc.kay.com
credithub-test.azusnc-test.jewels.com
familyjewelry.kay.com
www.kay.com
classrings.kay.com
www.kay.com
classrings.kay.com
www.kay.com
personalized.jared.com
www.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
www.kay.com
www.kay.com
www.kay.com
san2.yext-cdn.com
*.kay.com
em.kay.com
sni191bdgl.wpc.edgecastcdn.net
test.kay.com
mstage.jared.com
stores.kay.com
www2.kay.com
stores.kay.com
www.kay.com
*.classrings.kay.com
sni1d146gl.wpc.edgecastcdn.net
mstage.jared.com
origin-uat1.kay.com
www.kay.com
em.kay.com
t.kay.com
imperva.com
chat.kay.com
chat.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
san2.yext-cdn.com
san2.yext-cdn.com
www.kay.com
test.kay.com
testbridal.kay.com
classrings.kay.com
san2.yext-cdn.com
classrings.kay.com
link.kay.com
link.kay.com
fashion.kay.com
bridal.kay.com
chat.kay.com
t.kay.com
www2.kay.com
www.kay.com
origin-uat1.kay.com
dtm.kay.com
www.kay.com
www.kay.com
test.kay.com
www.kay.com
signetqa.cbi-rings.com
bridal.kay.com
pay.sterlingjewelers.com
san2.yext-cdn.com
perf-creditapis.jewels.com
san2.yext-cdn.com
familyjewelry.kay.com
imperva.com
em.kay.com
locations.c2crestaurants.com
san2.yext-cdn.com
test.kay.com
stores.kay.com
chat.kay.com
www.kay.com
classrings.kay.com
chat.kay.com
san2.yext-cdn.com
em.kay.com
test.kay.com
testpersonalized.kay.com
www.kay.com
san2.yext-cdn.com
smetrics.kay.com
amp-uat3.kay.com
www.kay.com
pay.sterlingjewelers.com
www.kay.com
sni19bd6gl.wpc.edgecastcdn.net
www.kay.com
www.kay.com
pay.kay.com
*.kay.com
pages.email.kay.com
test.kay.com
pt-stores.iqos.com.yext-cdn.com
familyjewelry.kay.com
www.kay.com
m.kay.com
fpc.kay.com
credithub-test.azusnc-test.jewels.com
familyjewelry.kay.com
www.kay.com
classrings.kay.com
www.kay.com
classrings.kay.com
www.kay.com
personalized.jared.com
www.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
www.kay.com
www.kay.com
www.kay.com
san2.yext-cdn.com
*.kay.com
em.kay.com
Certificate
The complete raw certificate details for www.kay.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHMTCCBhmgAwIBAgIQCFh91V9kC1gdfbunLzo5XjANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjEwODMxMDAwMDAwWhcN MjIwOTMwMjM1OTU5WjBqMQswCQYDVQQGEwJVUzENMAsGA1UECBMET2hpbzEOMAwG A1UEBxMFQWtyb24xJjAkBgNVBAoTHVNpZ25ldCBHcm91cCBTZXJ2aWNlcyBVUyBJ bmMuMRQwEgYDVQQDEwt3d3cua2F5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOrZIaExWRX9IlA+9HooK6NhvKiDkhZp9NBJnZtMW+xDd0/ENlgt uQk6dixXmIWKBJVB+JiYRa4At/yM43S0D/32zO7CCf45/ezc78TQY0zERpI0GQET rGPRmQmcyvgXElVp/3tsUwD9cI28kO22De8Uc7on44WDFZgeuJt0Q8iOsj1pd7YN jnhBuU2Z7GFBKEe0Iv7TY4kMfCrZMnq+hOn/p8altNDnLg69gDQ6bTrtCJxFXFmi t1UUfF+FPmZxWGXul0brzLqXP/Xz9r2jWwaThFFsOV7kzVJtdTiXgmLb0jhpfmyU ri3VZbTftCUT7BIBh8ueAhhPjamntbyB5YUCAwEAAaOCA+4wggPqMB8GA1UdIwQY MBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRJVpYr6GORCFGRwAqW ne3MMYEiCjCBmwYDVR0RBIGTMIGQggt3d3cua2F5LmNvbYISdmlkZW9zLWFrYS5r YXkuY29tggltLmtheS5jb22CDmxldmlhbi5rYXkuY29tggdrYXkuY29tghJpbWFn ZXMtYWthLmtheS5jb22CC2ZwYy5rYXkuY29tghJlY29tYXBpLmpld2Vscy5jb22C FGFtcGFuYWx5dGljcy5rYXkuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwgYgGA1UdHwSBgDB+MD2gO6A5hjdodHRwOi8v Y3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3Js MD2gO6A5hjdodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2Vj dXJlU2VydmVyQ0EuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUH AgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB+BggrBgEFBQcBAQRyMHAw JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBIBggrBgEFBQcw AoY8aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3Vy ZVNlcnZlckNBLTIuY3J0MAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5AgQCBIIB cASCAWwBagB3AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABe5yf aWoAAAQDAEgwRgIhAKYP6X7RXBC49886G5NJb+d74WyjIPI5CO/KFGjPubtwAiEA xU5liKFrShUYRvUeGiPwFxRIvsaj5jDfboLCQvPhwxwAdwBRo7D1/QF5nFZtuDd4 jwykeswbJ8v3nohCmg3+1IsF5QAAAXucn2l3AAAEAwBIMEYCIQDoPLtQyrZIObxG nvGDe66GYWNdMh0TqBCSgmPxN52/UQIhAPtMA4856fl0P1bREHwyrrBItMD54cgo 9oXdfdnSSSKFAHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF7 nJ9pNwAABAMARzBFAiBv23+Bgx4yqNPZx4OglKyYN8XtTIFXG5xnDaYSMBgRbgIh AK1/YJzv4sRUwbcA4F7VfNDqznfvzuwNsI6APxOt62r9MA0GCSqGSIb3DQEBCwUA A4IBAQCCJb2Eow1/P28RwajnLqay49gkmFs8TiaQY5wlF24VZ/qqGxcZCbkiAGsc X5FRRXZM1xvhFuMYCcZ7ifFzx+c4Gji7fj4DwxVsiYGC0sw+3aI5+Z1gzEvedA3j TP/vlGVqYKeP/Cadl1pqBPL+hPilNUr2O5KZaxM+Qkm2JaRcocgXMjGt4C6VIvns irxZwmtc6f7HN/p2vVq41q+s+gitWasVvbDvU7toJx+DDNO6M3O+Fx1UH76FuDhj 4j/CxOE3rKmC/6XJQQoXNBdg8PRBnccFFqseeUk1kAkJoaNgzoC9LCxE4UYCXnQd LHjipKKG8O+pG9u9QKErKhIgXyaL -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tkhoTFZFf0iUD70eigr o2G8qIOSFmn00Emdm0xb7EN3T8Q2WC25CTp2LFeYhYoElUH4mJhFrgC3/IzjdLQP /fbM7sIJ/jn97NzvxNBjTMRGkjQZAROsY9GZCZzK+BcSVWn/e2xTAP1wjbyQ7bYN 7xRzuifjhYMVmB64m3RDyI6yPWl3tg2OeEG5TZnsYUEoR7Qi/tNjiQx8Ktkyer6E 6f+nxqW00OcuDr2ANDptOu0InEVcWaK3VRR8X4U+ZnFYZe6XRuvMupc/9fP2vaNb BpOEUWw5XuTNUm11OJeCYtvSOGl+bJSuLdVltN+0JRPsEgGHy54CGE+Nqae1vIHl hQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11093298296151485898107136415264029022 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-31 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Akron' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Signet Group Services US Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kay.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29646834829169741654301588884177669434830797122895404275126530158883981160840867556297775723310527631459275121317244520008582590383799661818389748782315523768881889819672988466486755363092092729640604978465590295317200402534020737094696222349891085382132727982043512910098016414194017617926857028874499252411434792990549738637755369086241620379010783575787692304727955368773597511030131337930179852712508103876343029860836177301635700504078099068086852321343309826159106427295186351940298255187882551213313544329654911736117999822277896998333208670640477131028986651656899853851030020372850595755955234162854827517317 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4956962be86391085191c00a969dedcc3181220a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'videos-aka.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'levian.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images-aka.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fpc.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecomapi.jewels.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ampanalytics.kay.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (128 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertSHA2SecureServerCA.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertSHA2SecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a00770046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017b9c9f696a0000040300483046022100a60fe97ed15c10b8f7cf3a1b93496fe77be16ca320f23908efca1468cfb9bb70022100c54e6588a16b4a151846f51e1a23f0171448bec6a3e630df6e82c242f3e1c31c00770051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017b9c9f69770000040300483046022100e83cbb50cab64839bc469ef1837bae8661635d321d13a810928263f1379dbf51022100fb4c038f39e9f9743f56d1107c32aeb048b4c0f9e1c828f685dd7dd9d249228500760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017b9c9f6937000004030047304502206fdb7f81831e32a8d3d9c783a094ac9837c5ed4c81571b9c670da6123018116e022100ad7f609cefe2c454c1b700e05ed57cd0eace77efceec0db08e803f13adeb6afd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008225bd84a30d7f3f6f11c1a8e72ea6b2e3d824985b3c4e2690639c25176e1567faaa1b171909b922006b1c5f915145764cd71be116e31809c67b89f173c7e7381a38bb7e3e03c3156c898182d2cc3edda239f99d60cc4bde740de34cffef94656a60a78ffc269d975a6a04f2fe84f8a5354af63b92996b133e4249b625a45ca1c8173231ade02e9522f9ec8abc59c26b5ce9fec737fa76bd5ab8d6afacfa08ad59ab15bdb0ef53bb68271f830cd3ba3373be171d541fbe85b83863e23fc2c4e137aca982ffa5c9410a17341760f0f4419dc70516ab1e794935900909a1a360ce80bd2c2c44e146025e741d2c78e2a4a286f0efa91bdbbd40a12b2a12205f268b