oos.deloitte.be
- Deloitte Services & Investments -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 0b:59:36:1a:72:58:05:21:ab:08:75:d2:24:3b:8a:a4 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Deloitte Services & Investments
Organization:
Deloitte Services & Investments
Organization unit: NOC
Organization unit: NOC
Locality:
Zaventem
Country: BE
Country: BE
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:59:36:1a:72:58:05:21:ab:08:75:d2:24:3b:8a:a4Serial Number (int): 15084719719482197646615386328447814308
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 43:b6:d7:a8:db:48:54:dc:34:2e:16:3c:f7:57:08:8b:62:53:13:12
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 10:fa:b2:54:2b:bb:6e:f1:97:b8:cc:53:d0:f9:40:93:ea:9e:3d:9f
Fingerprint (sha256): 87:3a:3d:64:4c:02:7b:de:5e:71:db:ac:00:46:af:65:25:2d:80:c4:b9:53:8f:4c:47:11:38:a0:95:db:98:58
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate oos.deloitte.be
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oos.deloitte.be
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oos.deloitte.be
oos-a.deloitte.be
oos-a.deloitte.be
Other certificates including the domain name deloitte.be
(limited to 100 certificates)
swift-trustdelivered.deloitte.be
digitalaccountant.deloitte.be
readz.com
survey.gradwell.com
*.deloitte.be
readz.com
*.app.deloitte.be
*.deloitte.be
*.deloitte.be
survey.westernwindowsystems.com
readz.com
supportsurvey.control4.com
readz.com
usap42.us.deloitte.com
usap42.us.deloitte.com
readz.com
usap42.us.deloitte.com
*.deloitte.be
*.deloitte.be
meet.deloitte.nl
registerfast50.deloitte.be
readz.com
cody-test.getgetfeedbackback.com
meet.deloitte.nl
readz.com
*.deloitte.be
readz.com
readz.com
readz.com
certificates.getfeedback.com
meet.deloitte.nl
usap42.us.deloitte.com
readz.com
survey.boomtownroi.com
readz.com
sip.gsinet.be
readz.com
readz.com
readz.com
readz.com
*.deloitte.be
readz.com
readz.com
usap42.us.deloitte.com
readz.com
readz.com
usap41.us.deloitte.com
supportsurvey.control4.com
feedback.liftago.com
readz.com
readz.com
feedback.nanotempertech.com
customdomain.getfeedback.com
meet.deloitte.nl
readz.com
usap42.us.deloitte.com
readz.com
readz.com
survey.westernwindowsystems.com
survey.adstream.com
*.deloitte.be
*.deloitte.be
readz.com
mobile-consumer-survey.deloitte.be
readz.com
readz.com
feedback.auditorservice.com
readz.com
sip.deloitte.nl
readz.com
*.deloitte.be
usap42.us.deloitte.com
readz.com
sms.cic.deloitte.be
sip.deloitte.nl
mobile-consumer-survey.deloitte.be
readz.com
*.deloitte.be
readz.com
*.deloitte.be
readz.com
readz.com
customdomain.getfeedback.com
*.deloitte.be
feedback.nextdc.com
readz.com
registerfast50.deloitte.be
readz.com
password.deloitte.be
feedback.inap.com
feedback.auditorservice.com
readz.com
readz.com
readz.com
readz.com
survey.gradwell.com
feedback.nextdc.com
mobility.deloitte.be
certificates.getfeedback.com
readz.com
digitalaccountant.deloitte.be
readz.com
survey.gradwell.com
*.deloitte.be
readz.com
*.app.deloitte.be
*.deloitte.be
*.deloitte.be
survey.westernwindowsystems.com
readz.com
supportsurvey.control4.com
readz.com
usap42.us.deloitte.com
usap42.us.deloitte.com
readz.com
usap42.us.deloitte.com
*.deloitte.be
*.deloitte.be
meet.deloitte.nl
registerfast50.deloitte.be
readz.com
cody-test.getgetfeedbackback.com
meet.deloitte.nl
readz.com
*.deloitte.be
readz.com
readz.com
readz.com
certificates.getfeedback.com
meet.deloitte.nl
usap42.us.deloitte.com
readz.com
survey.boomtownroi.com
readz.com
sip.gsinet.be
readz.com
readz.com
readz.com
readz.com
*.deloitte.be
readz.com
readz.com
usap42.us.deloitte.com
readz.com
readz.com
usap41.us.deloitte.com
supportsurvey.control4.com
feedback.liftago.com
readz.com
readz.com
feedback.nanotempertech.com
customdomain.getfeedback.com
meet.deloitte.nl
readz.com
usap42.us.deloitte.com
readz.com
readz.com
survey.westernwindowsystems.com
survey.adstream.com
*.deloitte.be
*.deloitte.be
readz.com
mobile-consumer-survey.deloitte.be
readz.com
readz.com
feedback.auditorservice.com
readz.com
sip.deloitte.nl
readz.com
*.deloitte.be
usap42.us.deloitte.com
readz.com
sms.cic.deloitte.be
sip.deloitte.nl
mobile-consumer-survey.deloitte.be
readz.com
*.deloitte.be
readz.com
*.deloitte.be
readz.com
readz.com
customdomain.getfeedback.com
*.deloitte.be
feedback.nextdc.com
readz.com
registerfast50.deloitte.be
readz.com
password.deloitte.be
feedback.inap.com
feedback.auditorservice.com
readz.com
readz.com
readz.com
readz.com
survey.gradwell.com
feedback.nextdc.com
mobility.deloitte.be
certificates.getfeedback.com
readz.com
Certificate
The complete raw certificate details for oos.deloitte.be in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgIQC1k2GnJYBSGrCHXSJDuKpDANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xODAyMjAwMDAwMDBaFw0yMTAyMjQxMjAwMDBa MHIxCzAJBgNVBAYTAkJFMREwDwYDVQQHEwhaYXZlbnRlbTEoMCYGA1UECgwfRGVs b2l0dGUgU2VydmljZXMgJiBJbnZlc3RtZW50czEMMAoGA1UECxMDTk9DMRgwFgYD VQQDEw9vb3MuZGVsb2l0dGUuYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDgcb6rgBSi+GMxHThzjRwOXmmCwPZ/ge+xo5iX+A2OABn++aEKZFaDho9e VsNtn/MegGitjYtWBnvm2MV5ljQdpL2C2s9hgHEeXYzB96o0wKiRB4vMdtk1Ao6x yt/GQ6d5xBg6ziUrNO3ZewSnaxiFi3Sjlc0Ive/gngFnYYOEU8iA9KX883mHPXcR Hd5tJYM92eUReyjZsix+a5845mUGlDi7ge759jjZsY5jOvfkwLT9xetEuOuCKNWE cu/J3zMHNNKbj3YRgl0CWHrFslKLaHJtg3czGOlNbXTysPOJsv7xP84TWTJs896U 1bk7XFxl0U7P7/bk3CUZOgghEGPFAgMBAAGjggIQMIICDDAfBgNVHSMEGDAWgBRR aP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUQ7bXqNtIVNw0LhY891cIi2JT ExIwLQYDVR0RBCYwJIIPb29zLmRlbG9pdHRlLmJlghFvb3MtYS5kZWxvaXR0ZS5i ZTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEy LWhhLXNlcnZlci1nNi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv bS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEw KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZn gQwBAgIwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNV HRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBZtJijz3K+jT+MEQyRW7/BIZD0BxMCQ+rGex5BlgKHpXGtciDVmpGRAn6NLcWL /HFk3F5GmeVVfxVBdFeJMj+bFo10WVAZszVZ68fZgDCpalmV1bXJZovy5jXtCDO3 WerhrDrq6VusiA1VJmmsZmgXP5s7E1B9jyQb8k38XD9J5YWxDw09mNC/mXFXzg+x 6ljmCfeTjIzO2Qk6/GIOw43bH9jiGSVbf8AcojJeciecVdgBXVlIYV8u3U8d9OYl DKevdV1xtDxeKp217dPaEdJ/tYU1JJdERRBJ53iwrKLCaY+RuZfXDjNzu7ZmzLz0 oKwvgSOn1oZxywXPBc23L/hm -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HG+q4AUovhjMR04c40c Dl5pgsD2f4HvsaOYl/gNjgAZ/vmhCmRWg4aPXlbDbZ/zHoBorY2LVgZ75tjFeZY0 HaS9gtrPYYBxHl2MwfeqNMCokQeLzHbZNQKOscrfxkOnecQYOs4lKzTt2XsEp2sY hYt0o5XNCL3v4J4BZ2GDhFPIgPSl/PN5hz13ER3ebSWDPdnlEXso2bIsfmufOOZl BpQ4u4Hu+fY42bGOYzr35MC0/cXrRLjrgijVhHLvyd8zBzTSm492EYJdAlh6xbJS i2hybYN3MxjpTW108rDzibL+8T/OE1kybPPelNW5O1xcZdFOz+/25NwlGToIIRBj xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15084719719482197646615386328447814308 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zaventem' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Deloitte Services & Investments' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NOC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oos.deloitte.be' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28333469965930440294364125681886785694417378834192061816808974204954997225547778758824096322137305739998833324374135856343695056735201498183355415261710631219031553584149763977911563467623787514834359964943469660287628761707136988728304425561046012104960854112456649154652410625794326129659657849011830981727395505325542726885394571273402043720396885692267713814771363211182356239578572655884533403020724943316861980782240166474179466767773058714765604143712933958317099238495263219859923120863679572194978529786756067352490218228729451710634013149514457196063436196689617503448069532164629641941861454393708689515461 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 43b6d7a8db4854dc342e163cf757088b62531312 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oos.deloitte.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oos-a.deloitte.be' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0059b498a3cf72be8d3f8c110c915bbfc12190f407130243eac67b1e41960287a571ad7220d59a9191027e8d2dc58bfc7164dc5e4699e5557f1541745789323f9b168d74595019b33559ebc7d98030a96a5995d5b5c9668bf2e635ed0833b759eae1ac3aeae95bac880d552669ac6668173f9b3b13507d8f241bf24dfc5c3f49e585b10f0d3d98d0bf997157ce0fb1ea58e609f7938c8cced9093afc620ec38ddb1fd8e219255b7fc01ca2325e72279c55d8015d5948615f2edd4f1df4e6250ca7af755d71b43c5e2a9db5edd3da11d27fb58535249744451049e778b0aca2c2698f91b997d70e3373bbb666ccbcf4a0ac2f8123a7d68671cb05cf05cdb72ff866