ocir.sa-vinhedo-1.oci.oraclecloud.com

- Oracle Corporation -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 05:b9:54:76:fd:48:8b:1b:8b:e3:be:72:85:f9:c3:bd was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Oracle Corporation

Organization: Oracle Corporation
State / Province: California
Locality: Redwood City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:b9:54:76:fd:48:8b:1b:8b:e3:be:72:85:f9:c3:bd
Serial Number (int): 7608428047470812960200499078461244349
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b1:ca:9d:af:23:d3:8c:74:f0:5a:3c:8c:42:9c:49:6c:1f:7b:bf:1b
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): 67:53:37:ac:d9:39:6f:73:11:50:d0:9f:aa:ce:1d:56:db:8d:d3:1e
Fingerprint (sha256): 8e:a1:7c:3b:96:0d:9e:dc:bc:4a:81:b0:3f:54:16:56:a9:f4:b4:4c:1c:73:e0:e9:b5:8f:bb:0f:53:41:33:d0

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate ocir.sa-vinhedo-1.oci.oraclecloud.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ocir.sa-vinhedo-1.oci.oraclecloud.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ocir.sa-vinhedo-1.oci.oraclecloud.com
sa-vinhedo-1.ocir.io
vcp.ocir.io

Other certificates including the domain name oraclecloud.com

(limited to 100 certificates)
*.prj.us9.oraclecloud.com
*.ic.em3.oraclecloud.com
kms.ap-hyderabad-1.oraclecloud.com
ecra1-mgmt-exadata.uspp1.oraclecloud.com
bi.pp1.oraclecloud.com
streaming-delta.eu-frankfurt-1.oci.oraclecloud.com
*.storage.oraclecloud.com
*.eu-frankfurt-1.clusters.oci.oraclecloud.com
*.cloudem3.audc1.oraclecloud.com
digitalassistant.us-ashburn-1.oci.oraclecloud.com
*.bi.us2.oraclecloud.com
*.crm.us1.oraclecloud.com
*.hcm.ap5.oraclecloud.com
query.us-ashburn-1.oraclecloud.com
commercial.us-phoenix-1.oci.oraclecloud.com
*.bi.la1.oraclecloud.com
*.fs.em3.oraclecloud.com
helm-api.us-phoenix-1.oraclecloud.com
*.fs.ap5.oraclecloud.com
*.bi.us4.oraclecloud.com
console.ca-toronto-1.oraclecloud.com
aconex-status.oraclecloud.com
cwp.status.symantec.com
stg-cloud.oracle.com
statuspage.io
cgclmta01.ca3.oraclecloud.com
chclc4r210s1imap02.usdc2.oraclecloud.com
*.prj.la1.oraclecloud.com
mbclrp3980.ap4.oraclecloud.com
kms.us-phoenix-1.oraclecloud.com
aconex-status.oraclecloud.com
notification.ap-seoul-1.oci.oraclecloud.com
g1chclrp3980.us8.oraclecloud.com
cheis01nasx25.infra.oraclecloud.com
*.scm.us2.oraclecloud.com
*.prj.ap2.oraclecloud.com
*.hed.us1.oraclecloud.com
oc-141-144-146-91.compute.oraclecloud.com
oc-129-191-52-117.compute.oraclecloud.com
syd10-c-ad1-web-01.ap1.oraclecloud.com
*.fa.ca3.oraclecloud.com
*.cx.usd.oraclecloud.com
*.iad.bca.ocs.oraclecloud.com
nlclrv3990.em2.oraclecloud.com
*.scm.us2.oraclecloud.com
streaming.ap-sydney-1.oci.oraclecloud.com
nlclc2r303s2imap01.nldc1.oraclecloud.com
*.pbcs.us2.oraclecloud.com
statuspage.io
*.ic.oraclecloud.com
*.crm.us2.oraclecloud.com
ndcs.eu-zurich-1.oci.oraclecloud.com
mbclc1r402s1imap01.audc2.oraclecloud.com
*.fs.ap1.oraclecloud.com
g1iad38-opc-c7r111-zfs-1-ilom.usdc9.oraclecloud.com
statuspage.io
sgsmtp.email.ap-melbourne-1.oci.oraclecloud.com
*.prc.ap4.oraclecloud.com
*.prj.em2.oraclecloud.com
*.hcm.us4.oraclecloud.com
*.compute.us6.oraclecloud.com
*.fin.stg.us1.oraclecloud.com
ingestion.osms.me-abudhabi-1.oci.oraclecloud.com
*.fin.us9.oraclecloud.com
*.prc-sp.ap2.oraclecloud.com
oc-140-86-15-116.compute.oraclecloud.com
storage-gateway.eu-frankfurt-1.oci.oraclecloud.com
*.fs.la1.oraclecloud.com
*.prj.ap4.oraclecloud.com
search-head.phx-pp.ssvcs.ocp.oraclecloud.com
*.ic.us8.oraclecloud.com
*.ic.oraclecloud.com
*.social.ap4.oraclecloud.com
resourcemanager.uk-london-1.oraclecloud.com
concor-apics-production-lb-1.oraclecloud.com
g1iad38-opc-c7r105-zfs-2-ilom.usdc9.oraclecloud.com
*.cadc2.oraclecloud.com
*.ic.em5.oraclecloud.com
*.identity.us.oraclecloud.com
*.apm-agt.ap-mumbai-1.oci.oraclecloud.com
g1cheis01nasx11.usdc8.oraclecloud.com
*.fs.us1.oraclecloud.com
*.fs.ap1.oraclecloud.com
grafana.fra.ssvcs.ocp.oraclecloud.com
*.prc.ap2.oraclecloud.com
ctrl.email.ca-montreal-1.oci.oraclecloud.com
caal-test.social.us1.oraclecloud.com
*.scm.ap5.oraclecloud.com
*.ic.pp1.oraclecloud.com
*.fin.us1.oraclecloud.com
*.fin.ap4.oraclecloud.com
*.login.oraclecloud.com
fa.hsm.sa-santiago-1.ocs.oraclecloud.com
oc-129-150-200-210.compute.oraclecloud.com
*.scm.oraclecloud.com
qalw.oraclecloud.com
slc1-p-ad1-log-01.us11.oraclecloud.com
query.uk-london-1.oraclecloud.com
faopccicd.pp1.oraclecloud.com
interact.aftm9.origin.responsys.ocs.oraclecloud.com

Certificate

The complete raw certificate details for ocir.sa-vinhedo-1.oci.oraclecloud.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHLjCCBhagAwIBAgIQBblUdv1IixuL475yhfnDvTANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw
NDAzMDAwMDAwWhcNMjUwNDAyMjM1OTU5WjCBhjELMAkGA1UEBhMCVVMxEzARBgNV
BAgTCkNhbGlmb3JuaWExFTATBgNVBAcTDFJlZHdvb2QgQ2l0eTEbMBkGA1UEChMS
T3JhY2xlIENvcnBvcmF0aW9uMS4wLAYDVQQDEyVvY2lyLnNhLXZpbmhlZG8tMS5v
Y2kub3JhY2xlY2xvdWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsOHU1Q498lZy7GKM0MNpqLl/xv2oDYk8L5FdQRz8yekf92uYPzKVNH1+QJTc
Ha4D0v3e8eY/5/rFFH3sqorJRfgW1d8cU9eC3z/U1+8WPcp4ceYel+TAXC6JCq4K
GlEyNtKqPQDx08w6S8QlE9jyh+JNuJBS69S2jOiBDTVd54J2cqy7BijLK6fet6MO
M0ajk7IabQYvlhkGmiQwcY+5cRUHTa6HCkJRhsN5ViAYOJBO/JLwsyKi73bEPyU3
pIuShERscsIE4NAyCtCoZT5aVsDyuBRvvptNHB2FmtqtPZtKMY3MyaJWT8Sn9y+S
de5c/gU2OAk+PfooWtlVzy4QHQIDAQABo4IDwjCCA74wHwYDVR0jBBgwFoAUdIWA
wGbH3zfez70pN6oDHb7tzRcwHQYDVR0OBBYEFLHKna8j04x08Fo8jEKcSWwfe78b
MFMGA1UdEQRMMEqCJW9jaXIuc2EtdmluaGVkby0xLm9jaS5vcmFjbGVjbG91ZC5j
b22CFHNhLXZpbmhlZG8tMS5vY2lyLmlvggt2Y3Aub2Npci5pbzA+BgNVHSAENzA1
MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNv
bS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5j
b20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwSKBG
oESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExT
UlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUF
BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6
Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hB
MjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfAYKKwYBBAHWeQIEAgSC
AWwEggFoAWYAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY6k
7x6+AAAEAwBHMEUCICT7sCMXBNNA3DOQCoRwy69DvxMmNDEHnu2vUD/5R+5LAiEA
pf+1aNNAZTXqb7SqmldILrvwGpP+ouYB3u9xSwI1vj0AdQB9WR4S4XgqexxhZ3xe
/fjQh1wUoE6VnrkDL9kOjC55uAAAAY6k7x59AAAEAwBGMEQCIC/J2I9Hd3MkLuuy
KxMh2SqL+7ccNXu+JS6dK5rsHNEUAiAI+mj6UM2vr2gmEqybfhDff20NAd4ObXvx
uK93jY//aQB1AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABjqTv
Ho0AAAQDAEYwRAIgcFh+gp/ZdW06qytRWh37y7Gx02FqznvBRsPHhybS0zcCIDl7
bzuCS8U/JRtB+cOQMP4OZPHBXJmfbhfs/CrtR2j7MA0GCSqGSIb3DQEBCwUAA4IB
AQAcLS0A0Knf6y20VjY56ankuqO7jt/RUGoW7r5H6/coUJO4s9SgAotDHAop2WXl
epZYLjn14H+he882Q4s1Mcw55jPAdwDaDynu6ct5mOxECS1X7pzyElLTczQJMigv
P0fJJCfHR33qKThmm25c5qOQZVShHFMylZ6NjWQO7TDiv4Wr2SyFAh6NqjRrNz4T
lTNfn5vSJWACcWQ1ppcEzEcUmYNcjBY5xNJ/gA0BU2KFjn7a05mk0M1m0qWoa1dP
hr3Tk7w9agDMHV9JZoIuqkKJnPdLHzJk2HjHrHorDkMUOolWkCwwCc/OGTDMad5i
YYvY3QludHToyzh1st+bRULf
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOHU1Q498lZy7GKM0MNp
qLl/xv2oDYk8L5FdQRz8yekf92uYPzKVNH1+QJTcHa4D0v3e8eY/5/rFFH3sqorJ
RfgW1d8cU9eC3z/U1+8WPcp4ceYel+TAXC6JCq4KGlEyNtKqPQDx08w6S8QlE9jy
h+JNuJBS69S2jOiBDTVd54J2cqy7BijLK6fet6MOM0ajk7IabQYvlhkGmiQwcY+5
cRUHTa6HCkJRhsN5ViAYOJBO/JLwsyKi73bEPyU3pIuShERscsIE4NAyCtCoZT5a
VsDyuBRvvptNHB2FmtqtPZtKMY3MyaJWT8Sn9y+Sde5c/gU2OAk+PfooWtlVzy4Q
HQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7608428047470812960200499078461244349
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redwood City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oracle Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ocir.sa-vinhedo-1.oci.oraclecloud.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22329303276021342875904630345641654287254585207501369938620251617455764611780450002236352536297339479654333339571407980909623594823175508221150589476205427068114364445578322466795234540184400091351747620916247772764785844823520810909879533135197276062134980302949988473185274188525673152070630910568435313366199816101572833936737936590647073439981427553515265796251791662004221194132875083328322875346534545991839809676966751458702566957843401528240741800877755430615064306149284342156292201244472818093720669706049162981199950504490381314793686981955384201445781857726811279607586362939195934063165899035466217164829
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b1ca9daf23d38c74f05a3c8c429c496c1f7bbf1b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ocir.sa-vinhedo-1.oci.oraclecloud.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sa-vinhedo-1.ocir.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vcp.ocir.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							01660076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ea4ef1ebe0000040300473045022024fbb0231704d340dc33900a8470cbaf43bf13263431079eedaf503ff947ee4b022100a5ffb568d3406535ea6fb4aa9a57482ebbf01a93fea2e601deef714b0235be3d0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ea4ef1e7d000004030046304402202fc9d88f477773242eebb22b1321d92a8bfbb71c357bbe252e9d2b9aec1cd114022008fa68fa50cdafaf682612ac9b7e10df7f6d0d01de0e6d7bf1b8af778d8fff69007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018ea4ef1e8d0000040300463044022070587e829fd9756d3aab2b515a1dfbcbb1b1d3616ace7bc146c3c78726d2d3370220397b6f3b824bc53f251b41f9c39030fe0e64f1c15c999f6e17ecfc2aed4768fb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001c2d2d00d0a9dfeb2db4563639e9a9e4baa3bb8edfd1506a16eebe47ebf7285093b8b3d4a0028b431c0a29d965e57a96582e39f5e07fa17bcf36438b3531cc39e633c07700da0f29eee9cb7998ec44092d57ee9cf21252d373340932282f3f47c92427c7477dea2938669b6e5ce6a3906554a11c5332959e8d8d640eed30e2bf85abd92c85021e8daa346b373e1395335f9f9bd2256002716435a69704cc471499835c8c1639c4d27f800d015362858e7edad399a4d0cd66d2a5a86b574f86bdd393bc3d6a00cc1d5f4966822eaa42899cf74b1f3264d878c7ac7a2b0e43143a8956902c3009cfce1930cc69de62618bd8dd096e7474e8cb3875b2df9b4542df