phsivdi.primehealthcare.com

- Prime Healthcare Management, Inc. -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 02:43:d4:48:c8:56:39:a7:48:fd:7e:d8:28:f6:b1:db was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Prime Healthcare Management, Inc.

Organization: Prime Healthcare Management, Inc.
State / Province: California
Locality: Ontario
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 02:43:d4:48:c8:56:39:a7:48:fd:7e:d8:28:f6:b1:db
Serial Number (int): 3010645518356582223592496067012637147
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: e0:b7:16:09:88:01:c3:20:7f:66:1c:a4:b9:5c:05:be:1f:49:55:8c
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 60:06:44:fa:22:3d:74:3f:29:7a:43:44:b6:b0:42:2b:c7:7c:48:81
Fingerprint (sha256): 86:f6:6d:f7:eb:98:bd:26:5c:fe:4f:4e:4f:d6:4b:73:34:54:cf:e6:24:da:27:6c:19:fe:02:62:0e:7f:be:cd

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate phsivdi.primehealthcare.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for phsivdi.primehealthcare.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

phsivdi.primehealthcare.com
www.phsivdi.primehealthcare.com

Other certificates including the domain name primehealthcare.com

(limited to 100 certificates)
*.primehealthcare.com
primehealthcare.com
primehealthcare.com
careers.primehealthcare.com
PHSEV01.PRIMEHEALTHCARE.COM
phsev04.primehealthcare.com
ps360.primehealthcare.com
www.primehealthcare.com
phsi.us
cs.primehealthcare.com
primehealthcare.com
*.primehealthcare.com
primehealthcare.com
helpdesk.warren-wilson.edu
*.primehealthcare.com
*.primehealthcare.com
CO-MOVITAUTO01P.phsi.primehealthcare.com
cardioserver.primehealthcare.com
zmail.primehealthcare.com
mychart.primehealthcare.com
*.primehealthcare.com
phsi-expwaye-cl.phsi.primehealthcare.com
webmail.primehealthcare.com
primehealthcare.com
primehealthcare.com
supportdesks.portland.ac.uk
*.phsi.primehealthcare.com
pmcportal.primehealthcare.com
epicsoapproxyprod.primehealthcare.com
helpdesk.warren-wilson.edu
servicedesk.primehealthcare.com
hpfweb.primehealthcare.com
mychart.primehealthcare.com
helpdesk.acpro.com
croh-xdr.primehealthcare.com
CO-MOVITXFER01P.phsi.primehealthcare.com
primehealthcare.com
primehealthcare.com
CO-SWMGTCON01P.phsi.primehealthcare.com
hpfweb.primehealthcare.com
helpdesk.warren-wilson.edu
epichswextprd.primehealthcare.com
primehealthcare.com
*.primehealthcare.com
hpfweb.primehealthcare.com
primehealthcare.com
co-vpn.primehealthcare.com
mrtxvdi.primehealthcare.com
gateway.primehealthcare.com
servicedesk.dai.co.uk
mychartpoc.phsi.primehealthcare.com
primehealthcare.com
phsivdi.primehealthcare.com
Smrmc-nxhie-prod.primehealthcare.com
eprescribingtest.primehealthcare.com
ps360a.primehealthcare.com
*.phsi.primehealthcare.com
apps.primehealthcare.com
epicsfdprod.primehealthcare.com
*.primehealthcare.com
*.primehealthcare.com
gateway.primehealthcare.com
epicsfdprod.primehealthcare.com
www.primehealthcare.com
careers.primehealthcare.com
executive.primehealthcare.com
ehp.primehealthcare.com
CO-MOVITAUTO01P.phsi.primehealthcare.com
primehealthcare.com
gateway-glen.primehealthcare.com
onbaseweb.primehealthcare.com
vpn.primehealthcare.com
phsi-expwaye.primehealthcare.com
*.primehealthcare.com
epicmblnonprod.phsi.primehealthcare.com
*.phsi.primehealthcare.com
citrix.primehealthcare.com
*.phsi.primehealthcare.com
*.primehealthcare.com
phsi.us
primehealthcare.com
gateway.primehealthcare.com
EpicSFDNonProd.primehealthcare.com
zmail.primehealthcare.com
co-vpn.primehealthcare.com
primehealthcare.com
patientportal-sjomo.primehealthcare.com
epichswexttst.primehealthcare.com
epicsfdprod.primehealthcare.com
epicsfdprod.primehealthcare.com
mobicontrol.phsi.primehealthcare.com
*.primehealthcare.com
mobicontrol.phsi.primehealthcare.com
phsivdi.primehealthcare.com
www.preplanbedell.com
primehealthcare.com
my.primehealthcare.com
mychart.primehealthcare.com
www.primehealthcare.com
*.primehealthcare.com

Certificate

The complete raw certificate details for phsivdi.primehealthcare.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHAzCCBeugAwIBAgIQAkPUSMhWOadI/X7YKPax2zANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzEyMTQwMDAwMDBa
Fw0yNTAxMTIyMzU5NTlaMIGGMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
cm5pYTEQMA4GA1UEBxMHT250YXJpbzEqMCgGA1UEChMhUHJpbWUgSGVhbHRoY2Fy
ZSBNYW5hZ2VtZW50LCBJbmMuMSQwIgYDVQQDExtwaHNpdmRpLnByaW1laGVhbHRo
Y2FyZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsKAKzdzgg
B99QxCngLgez8+hGKAazXR84q8FZ9HZ/AZ7gmZuZO8j8+EsiO7E+LNPKKqCUICUP
7BHeSChvZ4fzhJbv3Allxpz3hHBBIHgMK6knv0Wtst0c+o8qlAvCO1jPy2iNE77O
zcCOTDiNyERBKdPDmsaAwgYAeUjQAZKW30HurS+EnuzGwdgAM/dENfuBjIcMCBRF
WPlBb/m4T5FIli8Yl1/1jyXsFFhXYJQ+5azzJph4yUkYSdxJCBAXw5wqt0vr6xZn
XM9oXuaeyiV0Ktqfj92ZPqzVf6POHrNKuQjMjIK8IZeq4P16rSOVzeMcn/2mWkhG
Ljypf7KtJHgtAgMBAAGjggOhMIIDnTAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoP
mLLFlXa59DAdBgNVHQ4EFgQU4LcWCYgBwyB/ZhykuVwFvh9JVYwwRwYDVR0RBEAw
PoIbcGhzaXZkaS5wcmltZWhlYWx0aGNhcmUuY29tgh93d3cucGhzaXZkaS5wcmlt
ZWhlYWx0aGNhcmUuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUH
AgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+
oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1
NjIwMjBDQTEtNC5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9E
aWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwfwYIKwYBBQUHAQEEczBx
MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSQYIKwYBBQUH
MAKGPWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNI
QTI1NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIE
ggFwBIIBbAFqAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGM
aPCHKAAABAMARzBFAiADnJN2iKZwLnS4HSxJLOnTtWRPJBoUT835O8ISllXDwAIh
ALdh0ubyp83M+m7C3951LPGra2i2UztiNZWpeNlpn7IaAHcAPxdLT9ciR1iUHWUc
hL4NEu2QN38fhWrrwb8ohez4ZG4AAAGMaPCHGQAABAMASDBGAiEAuTghSfwSFEix
P2ldS+9WTlrKw1Dv7851NuQiiaeL7ecCIQD4DRKt8hEivGI8LX08BtSA+jt9qIx1
E1mc9hYlz4IoNwB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAAB
jGjwhwkAAAQDAEgwRgIhANDs/jH9mu1AYb0m/8y3SLZ38QWiDgsSJmjdLKHnBF5V
AiEAq0yR8a/0aSVs72u7ph88qL2Ub7yVgnhcIzzwYW7sytwwDQYJKoZIhvcNAQEL
BQADggEBAK9NZ+4k/zZyL49FHLTVaWAmJUqy+lhg/xwNXdTTLsk90D1XyUtBqXPg
6bOgLrOAyRXguEzCQiNedOv5M28SgSV8+zn4Jra/YNnaV77rxwl0w07kLpQIMmGi
70rsCfA+yuTyQ+wiEUEIZb/4cVop3UNJmTMKCda6W+iaSJ6U3oDQ7iYsVCqGiNgN
XNP9pd9scG0VY4BQ4ODtstYHPbILhZUzI+66/AIH84Q/RpXYqC1cS2JVSrbyvy+F
LFo7qX2gT2qWOjt9kClyUi0TQig2UxcNr0mNaq6OT6nL1DMJPboC0aOxpBThvGXG
B+mRq7RXkQnWmwSBcqjW+JPQEA3TFUs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCgCs3c4IAffUMQp4C4H
s/PoRigGs10fOKvBWfR2fwGe4JmbmTvI/PhLIjuxPizTyiqglCAlD+wR3kgob2eH
84SW79wJZcac94RwQSB4DCupJ79FrbLdHPqPKpQLwjtYz8tojRO+zs3Ajkw4jchE
QSnTw5rGgMIGAHlI0AGSlt9B7q0vhJ7sxsHYADP3RDX7gYyHDAgURVj5QW/5uE+R
SJYvGJdf9Y8l7BRYV2CUPuWs8yaYeMlJGEncSQgQF8OcKrdL6+sWZ1zPaF7mnsol
dCran4/dmT6s1X+jzh6zSrkIzIyCvCGXquD9eq0jlc3jHJ/9plpIRi48qX+yrSR4
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3010645518356582223592496067012637147
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-14 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Prime Healthcare Management, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'phsivdi.primehealthcare.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21732718392170162200903483078910092453628111719133934511320865588617632450510137139438761324674330203725055004192817178224004538355457416043776023380381717240546800632650549152587972673712470051956055982578223894457227742015068429586882504645533885986403680712345054035964858649623830075843141071211185129988633592747459927833414391203083348823267253519101391423093417280138699473024383168550158448120579771507300057155502757256815574207965650185710901855982513198850583736553246059109958263811394356782842552499469444097920655760341256945288584796141884249024251543549465975281324012126224548331162866860124570679341
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e0b716098801c3207f661ca4b95c05be1f49558c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phsivdi.primehealthcare.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.phsivdi.primehealthcare.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c68f0872800000403004730450220039c937688a6702e74b81d2c492ce9d3b5644f241a144fcdf93bc2129655c3c0022100b761d2e6f2a7cdccfa6ec2dfde752cf1ab6b68b6533b623595a978d9699fb21a0077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c68f087190000040300483046022100b9382149fc121448b13f695d4bef564e5acac350efefce7536e42289a78bede7022100f80d12adf21122bc623c2d7d3c06d480fa3b7da88c7513599cf61625cf8228370077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c68f087090000040300483046022100d0ecfe31fd9aed4061bd26ffccb748b677f105a20e0b122668dd2ca1e7045e55022100ab4c91f1aff469256cef6bbba61f3ca8bd946fbc9582785c233cf0616eeccadc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00af4d67ee24ff36722f8f451cb4d5696026254ab2fa5860ff1c0d5dd4d32ec93dd03d57c94b41a973e0e9b3a02eb380c915e0b84cc242235e74ebf9336f1281257cfb39f826b6bf60d9da57beebc70974c34ee42e94083261a2ef4aec09f03ecae4f243ec2211410865bff8715a29dd434999330a09d6ba5be89a489e94de80d0ee262c542a8688d80d5cd3fda5df6c706d15638050e0e0edb2d6073db20b85953323eebafc0207f3843f4695d8a82d5c4b62554ab6f2bf2f852c5a3ba97da04f6a963a3b7d902972522d1342283653170daf498d6aae8e4fa9cbd433093dba02d1a3b1a414e1bc65c607e991abb4579109d69b048172a8d6f893d0100dd3154b