demo.onvio.ca
- Thomson Reuters -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 01:f8:9e:51:04:83:a2:59:e7:2e:b3:a3:f6:aa:78:29 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Thomson Reuters
Organization:
Thomson Reuters
State / Province:
Minnesota
Locality: Eagan
Country: US
Locality: Eagan
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:f8:9e:51:04:83:a2:59:e7:2e:b3:a3:f6:aa:78:29Serial Number (int): 2620128656297169747561492620639893545
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: d7:33:b4:04:d7:dd:9d:a0:b4:18:b0:ae:84:f7:5a:8b:df:5c:05:75
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): b5:4f:6e:21:4a:6e:7e:41:f6:c7:ec:00:ab:57:5c:64:2a:c8:12:a6
Fingerprint (sha256): 80:14:d6:c3:69:c2:a2:87:86:eb:3e:62:bb:0a:73:f3:49:bf:1e:c9:68:be:e8:36:c5:03:28:ac:58:bb:56:8f
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl
Check the revocation status for certificate demo.onvio.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for demo.onvio.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
demo.onvio.ca
Other certificates including the domain name onvio.ca
(limited to 100 certificates)
qed.onvio.us
csshared.demo.int.onvio.ca
qed.onvio.us
ci.onvio.us
www.onvio.ca
qed.onvio.ca
demo.onvio.us
qed.int.onvio.ca
demo.onvio.us
ci.int.onvio.us
qed.api.onvio.us
demo.int.onvio.us
qed.onvio.us
demo.int.onvio.us
onvio.ca
onvio.ca
qed.onvio.ca
www.onvio.ca
demo.api.onvio.us
demo.int.onvio.ca
qed.onvio.ca
qed.onvio.us
qed.onvio.us
onvio.ca
csshared.demo.int.onvio.ca
ci.api.onvio.us
ci.onvio.us
ci.int.onvio.us
qed.onvio.us
demo.onvio.us
qed.onvio.us
demo.onvio.us
onvio.ca
demo.onvio.us
qed.onvio.us
onvio.ca
qed.onvio.ca
demo.onvio.ca
onvio.ca
demo.onvio.us
api.onvio.us
int.onvio.ca
ci.onvio.us
ci.onvio.us
qed.onvio.ca
int.onvio.ca
www.onvio.ca
onvio.ca
demo.int.onvio.us
ci.int.onvio.us
ci.int.onvio.us
qed.onvio.ca
ci.onvio.us
demo.onvio.us
qed.int.onvio.ca
ci.int.onvio.us
www.onvio.ca
ci.onvio.us
demo.onvio.ca
ci.int.onvio.us
demo.onvio.us
demo.onvio.us
demo.int.onvio.ca
ci.onvio.us
onvio.ca
qed.onvio.us
onvio.ca
qed.onvio.ca
ci.onvio.us
demo.onvio.us
qed.onvio.us
csshared.demo.int.onvio.ca
qed.onvio.us
ci.onvio.us
www.onvio.ca
qed.onvio.ca
demo.onvio.us
qed.int.onvio.ca
demo.onvio.us
ci.int.onvio.us
qed.api.onvio.us
demo.int.onvio.us
qed.onvio.us
demo.int.onvio.us
onvio.ca
onvio.ca
qed.onvio.ca
www.onvio.ca
demo.api.onvio.us
demo.int.onvio.ca
qed.onvio.ca
qed.onvio.us
qed.onvio.us
onvio.ca
csshared.demo.int.onvio.ca
ci.api.onvio.us
ci.onvio.us
ci.int.onvio.us
qed.onvio.us
demo.onvio.us
qed.onvio.us
demo.onvio.us
onvio.ca
demo.onvio.us
qed.onvio.us
onvio.ca
qed.onvio.ca
demo.onvio.ca
onvio.ca
demo.onvio.us
api.onvio.us
int.onvio.ca
ci.onvio.us
ci.onvio.us
qed.onvio.ca
int.onvio.ca
www.onvio.ca
onvio.ca
demo.int.onvio.us
ci.int.onvio.us
ci.int.onvio.us
qed.onvio.ca
ci.onvio.us
demo.onvio.us
qed.int.onvio.ca
ci.int.onvio.us
www.onvio.ca
ci.onvio.us
demo.onvio.ca
ci.int.onvio.us
demo.onvio.us
demo.onvio.us
demo.int.onvio.ca
ci.onvio.us
onvio.ca
qed.onvio.us
onvio.ca
qed.onvio.ca
ci.onvio.us
demo.onvio.us
qed.onvio.us
Certificate
The complete raw certificate details for demo.onvio.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgIQAfieUQSDolnnLrOj9qp4KTANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwMjAyMDAwMDAwWhcN MTkwODAyMTIwMDAwWjBjMQswCQYDVQQGEwJVUzESMBAGA1UECBMJTWlubmVzb3Rh MQ4wDAYDVQQHEwVFYWdhbjEYMBYGA1UEChMPVGhvbXNvbiBSZXV0ZXJzMRYwFAYD VQQDEw1kZW1vLm9udmlvLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt2J5pQvaI+dzFCuW6+tZ8G9sZ5OsgrU2DCVQuIJvJgKeFTyUOz7/JaD4rMXY /nzT9SGhyrE6cJaFD9q0o7lrtqjy9DA7f+TLm8aw8KC8Xx7WunH5b7EBOEpOf8Rh EOlQPgRdJ3SzA7qI8/7g7jinXCt1tvA8cUZJKTKcEQnfXYSihSUbL3az77JTSTqr OncH0fHt9BNGpli+NATzhIX110KXvyNgvl3dLS/OE+30VrtUnbnZ4eLCRn/ziej3 iKBuOSeZt02VIV0+GrJifxioG0izYoX1tSw6h/7xDgh4nF0elciy2CN19yUXutXZ iSJWMDfIBjcNgqwYeuDT/EgpKQIDAQABo4IB5jCCAeIwHwYDVR0jBBgwFoAUD4Bh HIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFNcztATX3Z2gtBiwroT3WovfXAV1 MBgGA1UdEQQRMA+CDWRlbW8ub252aW8uY2EwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRw Oi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0 cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUw QzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl cnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzAB hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9j YWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5j cnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsF AAOCAQEAakvGEpUbUon9BeP2YuKjIWBVN4a3evWppqKByH7Vz0V3YfIr7JafjKtg c+jtaJYT+y/zrSpstHjlNq8SpFzOw68bgdWyg6KtuyW9qgwhjOUY79ubsro2zasy KSOya9SYvQ7epByrRwnm/hrJ/elFubsRrDOpoQn4YJE9RX5XquEBXd2OYzwJm0P8 hWxaPQBBMdwyiecrVcb22fC9T+VG3MQqWu9ShiYlqyq/odCzqsM3vqVToQQwGd0i ecKRWrqnzN0A9vQX025h4Ia6zMuNH3C+SOo+u21QuBf3ReW4UEp7dxi2sWnKn24i 0jdwBK21JFSQ3oOTaqROApEvM5QMaA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2J5pQvaI+dzFCuW6+tZ 8G9sZ5OsgrU2DCVQuIJvJgKeFTyUOz7/JaD4rMXY/nzT9SGhyrE6cJaFD9q0o7lr tqjy9DA7f+TLm8aw8KC8Xx7WunH5b7EBOEpOf8RhEOlQPgRdJ3SzA7qI8/7g7jin XCt1tvA8cUZJKTKcEQnfXYSihSUbL3az77JTSTqrOncH0fHt9BNGpli+NATzhIX1 10KXvyNgvl3dLS/OE+30VrtUnbnZ4eLCRn/ziej3iKBuOSeZt02VIV0+GrJifxio G0izYoX1tSw6h/7xDgh4nF0elciy2CN19yUXutXZiSJWMDfIBjcNgqwYeuDT/Egp KQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2620128656297169747561492620639893545 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-02 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Eagan' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thomson Reuters' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'demo.onvio.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23150169727264861938428386711076786243554587988916979777507950303015569454520714475934233662720174291357077071876490165155345327230165789492479243180932680908014084608467282927102481355612012310710402793859067712673758450040011048160642831191686167023540034497280566733306968187235199662956717107085346341024350143906285501817484406550170939002145178829250593730517552788883370248196569782886897742541262682748526529813398183462207944053052624432618795921844184444900051376382245673345064532830014145649502117590121927656913235684701608549221060056287926825005240064643257681135380558705617076599375410457795304630569 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d733b404d7dd9da0b418b0ae84f75a8bdf5c0575 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo.onvio.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006a4bc612951b5289fd05e3f662e2a32160553786b77af5a9a6a281c87ed5cf457761f22bec969f8cab6073e8ed689613fb2ff3ad2a6cb478e536af12a45ccec3af1b81d5b283a2adbb25bdaa0c218ce518efdb9bb2ba36cdab322923b26bd498bd0edea41cab4709e6fe1ac9fde945b9bb11ac33a9a109f860913d457e57aae1015ddd8e633c099b43fc856c5a3d004131dc3289e72b55c6f6d9f0bd4fe546dcc42a5aef52862625ab2abfa1d0b3aac337bea553a1043019dd2279c2915abaa7ccdd00f6f417d36e61e086bacccb8d1f70be48ea3ebb6d50b817f745e5b8504a7b7718b6b169ca9f6e22d2377004adb5245490de83936aa44e02912f33940c68