*.igssgt.org

- Instituto Guatemalteco de Seguridad Social -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 03:fd:52:e6:46:ba:32:b9:8d:d6:cb:26:88:85:ae:3c was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Instituto Guatemalteco de Seguridad Social

Organization: Instituto Guatemalteco de Seguridad Social
Locality: Guatemala City
Country: GT

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:fd:52:e6:46:ba:32:b9:8d:d6:cb:26:88:85:ae:3c
Serial Number (int): 5303016494517987157636899668329082428
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 21:6a:8b:9a:b1:9e:18:56:04:6d:46:00:79:93:9e:94:f5:fe:45:3c
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 5d:6a:81:91:c5:7d:a0:a2:a3:7a:08:96:2a:c2:cf:a3:d3:c3:be:45
Fingerprint (sha256): 97:a8:51:1e:e3:0c:97:8c:ba:b8:7f:f6:4c:be:6e:18:33:d0:4d:ef:d1:1f:5d:ee:65:03:c3:ad:1d:df:a3:a8

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate *.igssgt.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.igssgt.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.igssgt.org
igssgt.org

Other certificates including the domain name igssgt.org

(limited to 100 certificates)
*.igssgt.org
cmp.igssgt.org
*.igssgt.org
igssgt.org
*.igssgt.org
*.igssgt.org
gestion.igssgt.org
*.igssgt.org
mail.igssgt.org
*.igssgt.org
servicios.igssgt.org
*.igssgt.org
incapsula.com
*.igssgt.org
servicios.igssgt.org
igssgt.org
igssgt.org
orion.igssgt.org
gestion.igssgt.org
incapsula.com
*.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
gestion.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
orion.igssgt.org
*.igssgt.org
igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
cmp.igssgt.org
*.igssgt.org
gestion.igssgt.org
servicios.igssgt.org
*.igssgt.org
cmp.igssgt.org
igssgt.org
*.igssgt.org
*.igssgt.org
gestion.igssgt.org
*.igssgt.org
servicios.igssgt.org
*.igssgt.org
*.igssgt.org
*.igssgt.org
igssgt.org
sni.cloudflaressl.com
*.igssgt.org
cmp.igssgt.org
igssgt.org
*.igssgt.org

Certificate

The complete raw certificate details for *.igssgt.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGyTCCBbGgAwIBAgIQA/1S5ka6MrmN1ssmiIWuPDANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yNDAyMDEwMDAwMDBa
Fw0yNDEyMDgyMzU5NTlaMHIxCzAJBgNVBAYTAkdUMRcwFQYDVQQHEw5HdWF0ZW1h
bGEgQ2l0eTEzMDEGA1UEChMqSW5zdGl0dXRvIEd1YXRlbWFsdGVjbyBkZSBTZWd1
cmlkYWQgU29jaWFsMRUwEwYDVQQDDAwqLmlnc3NndC5vcmcwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCM8jjMGAlHLDzf9YzqD+35REU0OODlcTFlA9xC
2zs4TEpzDPIAy0y4PhuEw9mao2qMdp6mOiRfsOKgnQetUlfaLf6MKVRWwUWkLMO8
U9kkTCEsiMSNappqEzUyz+Z/YU8Bcs1bgYk/6L04Jo9ptwJemn9QzgtEPM/vFTSf
xW+Ydtz8c9NESXBsoVn656q4T3gKnWjGDmb5DHmMhoVe1XMjCqQQZMfAefPkcs+B
qPc08Sy5X96ZOG/3IJNHhrUXEXvIVLw8AnTL4T3U9nvzk0FvRJg+GsAGGn26ReVJ
ZnnqRqUxmHSx2TXaJRg1WKq4iecy8dnRiaJiXqFrgUaVaEUlAgMBAAGjggN8MIID
eDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNVHQ4EFgQUIWqL
mrGeGFYEbUYAeZOelPX+RTwwIwYDVR0RBBwwGoIMKi5pZ3NzZ3Qub3JnggppZ3Nz
Z3Qub3JnMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEt
NC5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRM
U1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUF
BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6
Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBD
QTEtMS5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFp
AHcA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGNZnQ42wAABAMA
SDBGAiEA3xfHbWyziOPu6v9ECPXdV/Bb4yMEW6gISZshvze4rkICIQCNnauCnypY
yq0eN3TcBDx6JyyIuMSVrSLAo+hkX6O7RwB2AEiw42vapkc0D+VqAvqdMOscUgHL
Vt0sgdm7v6s52IRzAAABjWZ0OQkAAAQDAEcwRQIgSEJeUt0jPW/VPsyM94HgDIW7
f5rlJXG3r6S0rxGZs+QCIQCWe7GwUwE1Tryxeneaj06P2CimmVjeBxtbifO5P5ze
BQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABjWZ0OPkAAAQD
AEcwRQIhAPBSFHiVei8JIyCBXAhFULabX0Xy9+aOIUU/dY1EmXXnAiBLHw8sGK6P
4LfeyCwLq0vt8/7eOK9sdvUdAHy48jep4TANBgkqhkiG9w0BAQsFAAOCAQEApKxk
lGvtMoDm77KKRn2RqL0LGJvsMGbBImwqm7G4xO2W2+9rOwnGqrKs7lx9W2jduzy/
xdbboiQNnBU3pgOKkH95RZjOkOFT+CdO2ZIp+pHSEpMaOyUfAgx1gqH+kMBkDdkm
RWuvB3F3ux0WgjK0MuwoOPhP6PYGGhRC5y96Bn/gClWAaLJvy6yFAHBph4UdUWNz
DHVZvROx7fYvGv64ADdaUMeQmtDzvNczjmMXKu3zDJD7gDPtEuQkIceF3p8hUS1b
G0ZPSSI9mGN7OzTipx4ugXN6yyi0yBuWWxCNbUfNx4n4+XwvvvVg54Yi+T1mp0Xu
rMITwAjBGQIGbohYJA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPI4zBgJRyw83/WM6g/t
+URFNDjg5XExZQPcQts7OExKcwzyAMtMuD4bhMPZmqNqjHaepjokX7DioJ0HrVJX
2i3+jClUVsFFpCzDvFPZJEwhLIjEjWqaahM1Ms/mf2FPAXLNW4GJP+i9OCaPabcC
Xpp/UM4LRDzP7xU0n8VvmHbc/HPTRElwbKFZ+uequE94Cp1oxg5m+Qx5jIaFXtVz
IwqkEGTHwHnz5HLPgaj3NPEsuV/emThv9yCTR4a1FxF7yFS8PAJ0y+E91PZ785NB
b0SYPhrABhp9ukXlSWZ56kalMZh0sdk12iUYNViquInnMvHZ0YmiYl6ha4FGlWhF
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5303016494517987157636899668329082428
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Guatemala City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Instituto Guatemalteco de Seguridad Social'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.igssgt.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17792806748238690093545325759453616201082100479349727323796471768224577707823145723240591348082366437635621662935631312981844168696503976148102145040232552460091019817671338050374624658340913783471089505224360947043432389255457345602724629813406157260322468121994703462304835263624463775305124576688051417948894015645413672061198386301438926793005664503186987872833617728526523057173600339559815229653622229428500193035045386237198549586139377488739605017430021996952461450702403547239113619152161367509313554560412164417190454563452585253375454581631811551696286415481672045111031268977259569449890230018894933280037
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							216a8b9ab19e1856046d460079939e94f5fe453c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.igssgt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'igssgt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d667438db0000040300483046022100df17c76d6cb388e3eeeaff4408f5dd57f05be323045ba808499b21bf37b8ae420221008d9dab829f2a58caad1e3774dc043c7a272c88b8c495ad22c0a3e8645fa3bb4700760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d667439090000040300473045022048425e52dd233d6fd53ecc8cf781e00c85bb7f9ae52571b7afa4b4af1199b3e4022100967bb1b05301354ebcb17a779a8f4e8fd828a69958de071b5b89f3b93f9cde05007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018d667438f90000040300473045022100f0521478957a2f092320815c084550b69b5f45f2f7e68e21453f758d449975e702204b1f0f2c18ae8fe0b7dec82c0bab4bedf3fede38af6c76f51d007cb8f237a9e1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a4ac64946bed3280e6efb28a467d91a8bd0b189bec3066c1226c2a9bb1b8c4ed96dbef6b3b09c6aab2acee5c7d5b68ddbb3cbfc5d6dba2240d9c1537a6038a907f794598ce90e153f8274ed99229fa91d212931a3b251f020c7582a1fe90c0640dd926456baf077177bb1d168232b432ec2838f84fe8f6061a1442e72f7a067fe00a558068b26fcbac8500706987851d5163730c7559bd13b1edf62f1afeb800375a50c7909ad0f3bcd7338e63172aedf30c90fb8033ed12e42421c785de9f21512d5b1b464f49223d98637b3b34e2a71e2e81737acb28b4c81b965b108d6d47cdc789f8f97c2fbef560e78622f93d66a745eeacc213c008c11902066e885824