lyncaccess.spv.se

- Statens Tjänstepensionsverk -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 06:61:c6:93:ac:62:56:1e:d9:bd:7d:fa:93:84:71:2b was issued on by DigiCert Inc.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Statens Tjänstepensionsverk

Organization: Statens Tjänstepensionsverk
Locality: Sundsvall
Country: SE

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:61:c6:93:ac:62:56:1e:d9:bd:7d:fa:93:84:71:2b
Serial Number (int): 8483048386979089257195137984889123115
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b8:a5:b5:f1:54:cd:bb:9b:19:90:17:2a:1f:de:53:9a:04:bd:17:b8
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): f2:27:fc:4d:cb:c7:85:a0:0a:71:8b:87:2f:87:d7:82:18:5c:7d:57
Fingerprint (sha256): 70:e5:17:30:41:50:7a:1c:58:8a:d3:37:ed:5d:22:35:c3:83:4a:17:0c:86:cb:99:5c:3f:af:79:cb:c7:90:e7

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl

Check the revocation status for certificate lyncaccess.spv.se

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for lyncaccess.spv.se

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sip.spv.se
avext.spv.se
lyncaccess.spv.se
webcon.spv.se

Other certificates including the domain name spv.se

(limited to 100 certificates)
www.spv.se
*.spv.se
*.spv.se
*.spv.se
*.spv.se
www.spv.se
spv.se
webbmail.spv.se
ap.spv.se
test.spv.se
webbmail.spv.se
skandikon.spv.se
skandikon.spv.se
www.spv.se
spv.se
secure.filer.spv.se
testskandikon.spv.se
lyncaccess.spv.se
lyncaccess.spv.se
secure.filer.spv.se
*.spv.se
webbmail.spv.se
*.spv.se
lyncaccess.spv.se
edgeproxy.spv.se
sip.spv.se
acceptanstest.spv.se
portal.spv.se
lyncaccess.spv.se
intern.spv.se
www.spv.se
extmail.spv.se
www.spv.se
eportal.spv.se
webbmail.spv.se
edgeproxy.spv.se
edgeproxy.spv.se

Certificate

The complete raw certificate details for lyncaccess.spv.se in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgIQBmHGk6xiVh7ZvX36k4RxKzANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMTAxMTEwMDAwMDBa
Fw0yMjAxMTgyMzU5NTlaMGQxCzAJBgNVBAYTAlNFMRIwEAYDVQQHEwlTdW5kc3Zh
bGwxJTAjBgNVBAoMHFN0YXRlbnMgVGrDpG5zdGVwZW5zaW9uc3ZlcmsxGjAYBgNV
BAMTEWx5bmNhY2Nlc3Muc3B2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz8h/57peWulnQ1A0Ly5nJYvQB/RWWhnYUl1ZZSUsAtp101DeWaS4KkA3
bnYYznf/4QpGZDDZyARwEc/+aUznvleL21jh35hvf/bFuL3t7+rT/BhEps42ugz+
8XoWMIwdyMr3MeTuEaYbuaSWzNsxX7Q3JESI4JUGaOdjQcVLdAVkt+Yre5qYfeTZ
3WbOudNdVi7aISztXhPzETzBcGSnWd+0eiOp9+9OhUvWsM0WZNayOrQVPRtz07aQ
WKgPJQbxnSomQGY8GNn8JuSF4V7SJOM+dJP+2gTpee6HbP3aBQX/yvSdD+pFkubW
0F3z4YtsbolfKYGlOWNhvI6x27nqcwIDAQABo4IDKzCCAycwHwYDVR0jBBgwFoAU
t2ui6qiqhIx56rTaD5iyxZV2ufQwHQYDVR0OBBYEFLiltfFUzbubGZAXKh/eU5oE
vRe4MEUGA1UdEQQ+MDyCCnNpcC5zcHYuc2WCDGF2ZXh0LnNwdi5zZYIRbHluY2Fj
Y2Vzcy5zcHYuc2WCDXdlYmNvbi5zcHYuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBiwYDVR0fBIGDMIGAMD6gPKA6hjho
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIw
Q0ExLmNybDA+oDygOoY4aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
VExTUlNBU0hBMjU2MjAyMENBMS5jcmwwSwYDVR0gBEQwQjA2BglghkgBhv1sAQEw
KTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeB
DAECAjB9BggrBgEFBQcBAQRxMG8wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
Z2ljZXJ0LmNvbTBHBggrBgEFBQcwAoY7aHR0cDovL2NhY2VydHMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS5jcnQwDAYDVR0TAQH/BAIw
ADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ACl5vvCeOTkh8FZzn2Old+W+V32c
YAr4+U1dJlwlXceEAAABdvCqRKMAAAQDAEgwRgIhAOdacuSKDyMDvGNDLMlGuuRM
8xmTk8HOqwDi6IbZhSfBAiEAk9AoRTfVvd2fzxq+DI5WiIZMDFyAKyE62rt+bS8g
p5MAdgAiRUUHWVUkVpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXbwqkUIAAAE
AwBHMEUCIQD+/anBAwbXC4GKAXK/uxOxnMYpTcoLFQ0+T7NZMS/CRgIgLBV/cfqB
eBADKYXyN53ofhrT6CGeUCDwqcRCbv6sF50wDQYJKoZIhvcNAQELBQADggEBALz2
4GtV05jGFQbIIW6SVioOnR/sETnX7fu4UjisBLH3STyfnUKjrXNrksFJm8jyPuOu
Vy3X8PuT0IuiCeTUQZNE3f6UzvUqigWwsXbg6wi8aELliFqnO9DPJ5/wEGQMcHTi
As1fNeT9fgfC5x9041Y5xsFhDSURcsHt9tqC+RWOd48Oa4iZDbqIesz9W/m/OevP
4PQHIUsYm+EP4GsJORYD+qHdRIqIqhc/bsIA+++2Y3Od3bctkQHF52JaloZKWJfh
MtnmLeu3H+MPpKcXtQxrx/D6mA8bSaGvBVpNqPbiPnjoo0ULBF494vUU8p4TGErz
woLjXzhW5HpCzp6Qki8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8h/57peWulnQ1A0Ly5n
JYvQB/RWWhnYUl1ZZSUsAtp101DeWaS4KkA3bnYYznf/4QpGZDDZyARwEc/+aUzn
vleL21jh35hvf/bFuL3t7+rT/BhEps42ugz+8XoWMIwdyMr3MeTuEaYbuaSWzNsx
X7Q3JESI4JUGaOdjQcVLdAVkt+Yre5qYfeTZ3WbOudNdVi7aISztXhPzETzBcGSn
Wd+0eiOp9+9OhUvWsM0WZNayOrQVPRtz07aQWKgPJQbxnSomQGY8GNn8JuSF4V7S
JOM+dJP+2gTpee6HbP3aBQX/yvSdD+pFkubW0F3z4YtsbolfKYGlOWNhvI6x27nq
cwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8483048386979089257195137984889123115
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-18 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sundsvall'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Statens Tjänstepensionsverk'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lyncaccess.spv.se'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26230199180286294147746930047867659392461378135761026659601318513939932802601520743487171349382174339213674860944323307445258120598448880174841430576635754343970240275049355327819424378515844303979319192631077424631519570650118887250966878650575178311136654693042195955467818872761367994723214744588068898780019782697919185482059997628409062985029070584852247066474256717353650870435827662421922854119614981789568334641364181789992679790037178161737552507135696806910369423859009109542720160618551451848439642816453130967908156382716494093640573127947283389677698978991030078155872179171629793641643167110157295020659
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b8a5b5f154cdbb9b1990172a1fde539a04bd17b8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.spv.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avext.spv.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lyncaccess.spv.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webcon.spv.se'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc78400000176f0aa44a30000040300483046022100e75a72e48a0f2303bc63432cc946bae44cf3199393c1ceab00e2e886d98527c102210093d0284537d5bddd9fcf1abe0c8e5688864c0c5c802b213adabb7e6d2f20a7930076002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f0200000176f0aa45080000040300473045022100fefda9c10306d70b818a0172bfbb13b19cc6294dca0b150d3e4fb359312fc24602202c157f71fa817810032985f2379de87e1ad3e8219e5020f0a9c4426efeac179d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00bcf6e06b55d398c61506c8216e92562a0e9d1fec1139d7edfbb85238ac04b1f7493c9f9d42a3ad736b92c1499bc8f23ee3ae572dd7f0fb93d08ba209e4d4419344ddfe94cef52a8a05b0b176e0eb08bc6842e5885aa73bd0cf279ff010640c7074e202cd5f35e4fd7e07c2e71f74e35639c6c1610d251172c1edf6da82f9158e778f0e6b88990dba887accfd5bf9bf39ebcfe0f407214b189be10fe06b09391603faa1dd448a88aa173f6ec200fbefb663739dddb72d9101c5e7625a96864a5897e132d9e62debb71fe30fa4a717b50c6bc7f0fa980f1b49a1af055a4da8f6e23e78e8a3450b045e3de2f514f29e13184af3c282e35f3856e47a42ce9e90922f