dev.sonypictures.es

- Sony Pictures Entertainment -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 07:89:2f:d1:94:9e:2b:d6:14:87:01:f6:f2:de:97:9c was issued on by DigiCert Inc.

With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Sony Pictures Entertainment

Organization: Sony Pictures Entertainment
State / Province: California
Locality: Culver City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:89:2f:d1:94:9e:2b:d6:14:87:01:f6:f2:de:97:9c
Serial Number (int): 10016910518046018349091139902783788956
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 74:eb:62:c5:60:6f:29:fc:6b:f9:87:00:59:1f:27:89:fd:6d:d2:6d
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 3b:12:11:64:e9:19:bb:49:d5:b1:c4:fe:67:05:66:a3:9d:00:cd:95
Fingerprint (sha256): 7a:99:1b:8d:11:10:fd:ef:ea:27:20:3a:88:27:01:ee:bd:be:fd:13:00:c9:ee:b8:ed:ca:08:83:c9:ab:e8:45

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl

Check the revocation status for certificate dev.sonypictures.es

15

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dev.sonypictures.es

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dev.sonypictures.es
stg.sonypictures.es
dev.sonypictures.fr
stg.sonypictures.fr
dev.sonypictures.be
stg.sonypictures.be
dev.sonypictures.co.uk
stg.sonypictures.co.uk
dev.sonypictures.ca
stg.sonypictures.ca
dev.intl.sonypictures.com
stg.intl.sonypictures.com
dev2.sonypictures.es
stg.sonypictures.ie
dev.sonypictures.ie

Other certificates including the domain name sonypictures.es

(limited to 100 certificates)
flash.sonypictures.com
flash.sonypictures.com
stage-microsites.sonypictures.com
perc.sonypictures.com
www.sonypictures.es
perc.sonypictures.com
flash.sonypictures.com
edge-micros2.sonypictures.com
perc.sonypictures.com
stage-microsites.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
www.sonypictures.es
microsites.sonypictures.com
perc.sonypictures.com
flash.sonypictures.com
portals.sonypictures.net
stage-perc.sonypictures.com
edge-micros1.sonypictures.com
edge-micros1.sonypictures.com
api.stg.sonypictures.es
microsites.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
www.sonypictures.es
stage-perc.sonypictures.com
flash.sonypictures.com
flash.sonypictures.com
edge-micros1.sonypictures.com
stage-perc.sonypictures.com
microsites.sonypictures.com
microsites.sonypictures.com
stage-perc.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
microsites.sonypictures.com
edge-micros2.sonypictures.com
flash.sonypictures.com
stage-microsites.sonypictures.com
dev.sonypictures.es
portals.sonypictures.net
flash.sonypictures.com
flash.sonypictures.com
dev.sonypictures.co.uk
flash.sonypictures.com
perc.sonypictures.com
microsites.sonypictures.com
flash.sonypictures.com
edge-affiliates.cinesony.com
stage-perc.sonypictures.com
microsites.sonypictures.com
www.sonypictures.es
microsites.sonypictures.com
flash.sonypictures.com
flash.sonypictures.com
edge-micros1.sonypictures.com
cms-prod.sonypictures.es
flash.sonypictures.com
stage-microsites.sonypictures.com
edge-micros1.sonypictures.com
www.sonypictures.es
microsites.sonypictures.com
stage-microsites.sonypictures.com
edge-micros2.sonypictures.com
stage-perc.sonypictures.com
stage.sonypictures.es
perc.sonypictures.com
edge-micros2.sonypictures.com
perc.sonypictures.com
flash.sonypictures.com
perc.sonypictures.com
dev.sonypictures.es
stage-microsites.sonypictures.com
edge-affiliates.cinesony.com
perc.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
edge-affiliates.cinesony.com
stage-microsites.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
portals.sonypictures.net
flash.sonypictures.com
edge-micros1.sonypictures.com
microsites.sonypictures.com
edge-micros2.sonypictures.com
perc.sonypictures.com
microsites.sonypictures.com
stage-microsites.sonypictures.com
portals.sonypictures.net
microsites.sonypictures.com
flash.sonypictures.com
flash.sonypictures.com
dev.sonypictures.co.uk
flash.sonypictures.com
sonypictures.es
stage-microsites.sonypictures.com
flash.sonypictures.com
portals.sonypictures.net
edge-micros2.sonypictures.com

Certificate

The complete raw certificate details for dev.sonypictures.es in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHjjCCBnagAwIBAgIQB4kv0ZSeK9YUhwH28t6XnDANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMTAyMTYwMDAwMDBa
Fw0yMjAyMjMyMzU5NTlaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
bmlhMRQwEgYDVQQHEwtDdWx2ZXIgQ2l0eTEkMCIGA1UEChMbU29ueSBQaWN0dXJl
cyBFbnRlcnRhaW5tZW50MRwwGgYDVQQDExNkZXYuc29ueXBpY3R1cmVzLmVzMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOGnShUjxCwqCL4bYkXhOc0f
e2tNJDacUUQcIXXURSaKwCYFYPCj9KC0RtMtXV/Q1k1rd51DyBHfvjmp+Nl01yMs
m3I10wT0v3rX/VMmdpd9M7sU5ownFt4n+ndf/RzCjM3eeCScWmF+sQqt9y4xgZ5p
+X0mEp0Enw7EEeJixZGuiIIfcRZlWNcIRkMfPXBwigjTDq50IXa9zA8sIsB9rSzQ
4llchmvKFdGe72jnDlOgO+TjEA2l5vZUhd3MfislGiHqKttFgokzVpnVuTJ04oeC
hr0Y5PqQl70qLFVXBUzH9FYfopgsfgH7lAHk7T2JXeYigxLEylaunHC6oQMQVQID
AQABo4IENzCCBDMwHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYD
VR0OBBYEFHTrYsVgbyn8a/mHAFkfJ4n9bdJtMIIBWwYDVR0RBIIBUjCCAU6CE2Rl
di5zb255cGljdHVyZXMuZXOCE3N0Zy5zb255cGljdHVyZXMuZXOCE2Rldi5zb255
cGljdHVyZXMuZnKCE3N0Zy5zb255cGljdHVyZXMuZnKCE2Rldi5zb255cGljdHVy
ZXMuYmWCE3N0Zy5zb255cGljdHVyZXMuYmWCFmRldi5zb255cGljdHVyZXMuY28u
dWuCFnN0Zy5zb255cGljdHVyZXMuY28udWuCE2Rldi5zb255cGljdHVyZXMuY2GC
E3N0Zy5zb255cGljdHVyZXMuY2GCGWRldi5pbnRsLnNvbnlwaWN0dXJlcy5jb22C
GXN0Zy5pbnRsLnNvbnlwaWN0dXJlcy5jb22CFGRldjIuc29ueXBpY3R1cmVzLmVz
ghNzdGcuc29ueXBpY3R1cmVzLmllghNkZXYuc29ueXBpY3R1cmVzLmllMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgYsGA1Ud
HwSBgzCBgDA+oDygOoY4aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
VExTUlNBU0hBMjU2MjAyMENBMS5jcmwwPqA8oDqGOGh0dHA6Ly9jcmw0LmRpZ2lj
ZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEuY3JsMD4GA1UdIAQ3
MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQu
Y29tL0NQUzB9BggrBgEFBQcBAQRxMG8wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
LmRpZ2ljZXJ0LmNvbTBHBggrBgEFBQcwAoY7aHR0cDovL2NhY2VydHMuZGlnaWNl
cnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS5jcnQwDAYDVR0TAQH/
BAIwADCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3ACl5vvCeOTkh8FZzn2Old+W+
V32cYAr4+U1dJlwlXceEAAABd6xqmNkAAAQDAEgwRgIhANypRGQCRdLC8zJdxbuV
VkWqZnBshGj3Jbx8r2Y550X4AiEApa17rB1gXTo6Na3nGqKn2AS+flg2zvA8vJVO
tCcVYVUAdwAiRUUHWVUkVpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXesapkw
AAAEAwBIMEYCIQCPUW+Ma06cqQqcjG4SY8+SOkoOsqM4/a4M/MXoXc2EGwIhALkh
6Mz0X1G4QH+OsgU5pN2zBDia55VD7d8RCRAZQZDBMA0GCSqGSIb3DQEBCwUAA4IB
AQAJsG1LcdyZM2AJHM1eJSCt0DDcNwI+vjJbbRoZ6ZG8BgjFcqsA/F1Ph/SzsCPl
VI4oXNcOVPDTfnVI9CjyDCv0RqGXmZ35sqLKKDi0NKaOcfhpes3qMHyyES6ysZW9
bDclGVTtQ+dhiBIU9yWnMHtVAS77vqzfdMqC8Qg322S7Xt08awiUd251uQ2gwEZL
nQpaPEubHlNgNygbXMCBSbC9BF1l99B+W/EgKUGqN4b/JXYdmecVuWBX4/IFXazy
p0arT5K0/HM4yqEc6p3lujAfMMMlpHcMz7GlexTjREIGChExTYPy1+H0jiWrhszI
BLBcUURk5LWW0pb2bOntuiep
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOGnShUjxCwqCL4bYkXh
Oc0fe2tNJDacUUQcIXXURSaKwCYFYPCj9KC0RtMtXV/Q1k1rd51DyBHfvjmp+Nl0
1yMsm3I10wT0v3rX/VMmdpd9M7sU5ownFt4n+ndf/RzCjM3eeCScWmF+sQqt9y4x
gZ5p+X0mEp0Enw7EEeJixZGuiIIfcRZlWNcIRkMfPXBwigjTDq50IXa9zA8sIsB9
rSzQ4llchmvKFdGe72jnDlOgO+TjEA2l5vZUhd3MfislGiHqKttFgokzVpnVuTJ0
4oeChr0Y5PqQl70qLFVXBUzH9FYfopgsfgH7lAHk7T2JXeYigxLEylaunHC6oQMQ
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10016910518046018349091139902783788956
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Culver City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sony Pictures Entertainment'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dev.sonypictures.es'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17784636570590836729551107981263075045635118364337681614866959780956947256681032293619874493466036933457781061619905673015761646082358411670637239874910270920545592355364353402512944843292651084454688048898360007539913438015012862900169880320238671681859463593165772609921809539706486150551490817072122828969672891776215205566971248700456476610464852723119039350959573224663636339278212689985876683553617243204798272628447429396891210787569792361108228436957237135866904940096988196765802012283630557344114339671982339569223749470558243694198897964807412278567362931279461341012742221947614172275486885536577597149269
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							74eb62c5606f29fc6bf98700591f2789fd6dd26d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (338 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.sonypictures.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.sonypictures.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.sonypictures.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.sonypictures.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.sonypictures.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.sonypictures.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.sonypictures.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.sonypictures.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.sonypictures.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.sonypictures.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.intl.sonypictures.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.intl.sonypictures.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev2.sonypictures.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.sonypictures.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.sonypictures.ie'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f20077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc78400000177ac6a98d90000040300483046022100dca944640245d2c2f3325dc5bb955645aa66706c8468f725bc7caf6639e745f8022100a5ad7bac1d605d3a3a35ade71aa2a7d804be7e5836cef03cbc954eb4271561550077002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f0200000177ac6a993000000403004830460221008f516f8c6b4e9ca90a9c8c6e1263cf923a4a0eb2a338fdae0cfcc5e85dcd841b022100b921e8ccf45f51b8407f8eb20539a4ddb304389ae79543eddf110910194190c1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0009b06d4b71dc993360091ccd5e2520add030dc37023ebe325b6d1a19e991bc0608c572ab00fc5d4f87f4b3b023e5548e285cd70e54f0d37e7548f428f20c2bf446a197999df9b2a2ca2838b434a68e71f8697acdea307cb2112eb2b195bd6c37251954ed43e761881214f725a7307b55012efbbeacdf74ca82f10837db64bb5edd3c6b0894776e75b90da0c0464b9d0a5a3c4b9b1e536037281b5cc08149b0bd045d65f7d07e5bf1202941aa3786ff25761d99e715b96057e3f2055dacf2a746ab4f92b4fc7338caa11cea9de5ba301f30c325a4770ccfb1a57b14e34442060a11314d83f2d7e1f48e25ab86ccc804b05c514464e4b596d296f66ce9edba27a9