XP Investimentos S/A

- XP Investimentos S/A -

Issued by DigiCert Verified Mark RSA4096 SHA256 2021 CA1

About this certificate

This digital certificate with serial number 09:d8:7a:9d:43:8f:92:02:13:25:e3:ab:07:82:22:8b was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

XP Investimentos S/A

Company registration number: 16.838.421/0001-26
Organization: XP Investimentos S/A
Address: Av. Chedid Jafet, 75 - Torre Sul - Vila Olímpia
Locality: São Paulo
Country: BR

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 09:d8:7a:9d:43:8f:92:02:13:25:e3:ab:07:82:22:8b
Serial Number (int): 13087074997209987421204332377419162251
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 45:6e:f8:c8:e8:8d:bd:ed:37:b6:72:f3:bf:79:b5:ce:10:f0:2c:fc
AuthorityKeyId: be:9f:bd:8d:57:6d:95:b5:ad:63:c3:97:4e:ab:a8:84:5d:3a:07:f5

Fingerprint (sha1): d7:9f:3c:c1:e3:ae:ca:e6:91:eb:98:20:36:76:0a:68:26:5a:da:1e
Fingerprint (sha256): 9c:93:9b:74:6e:b0:65:5b:2a:5f:21:6e:33:e7:d6:26:4a:bc:03:b9:6d:91:2a:28:cf:82:0d:74:90:fe:5a:2c

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crt

Revocation information

CRL Distribution Point: http://crl3.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl

Check the revocation status for certificate XP Investimentos S/A

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for XP Investimentos S/A

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Extended Key Usages

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rico.com.vc
maisrico.com.vc

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for XP Investimentos S/A in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILFjCCCP6gAwIBAgIQCdh6nUOPkgITJeOrB4IiizANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNzA1BgNVBAMT
LkRpZ2lDZXJ0IFZlcmlmaWVkIE1hcmsgUlNBNDA5NiBTSEEyNTYgMjAyMSBDQTEw
HhcNMjIwOTA3MDAwMDAwWhcNMjMwOTA3MjM1OTU5WjCCATwxEzARBgsrBgEEAYI3
PAIBAxMCQlIxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRswGQYDVQQF
ExIxNi44MzguNDIxLzAwMDEtMjYxCzAJBgNVBAYTAkJSMRMwEQYDVQQHDApTw6Nv
IFBhdWxvMTkwNwYDVQQJDDBBdi4gQ2hlZGlkIEphZmV0LCA3NSAtIFRvcnJlIFN1
bCAtIFZpbGEgT2zDrW1waWExHTAbBgNVBAoTFFhQIEludmVzdGltZW50b3MgUy9B
MR0wGwYDVQQDExRYUCBJbnZlc3RpbWVudG9zIFMvQTEfMB0GCisGAQQBg55fAQ0T
D1JlZ2lzdGVyZWQgTWFyazESMBAGCisGAQQBg55fAQMTAkJSMRkwFwYKKwYBBAGD
nl8BBBMJOTIxMjY4MTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
vpQj0p8sTvTpHBpvc/AA7Re7WbDsEZsjCz4PqOfBhdyZSXxLT2jUeSr8i64Z4rkk
OFETcMHyGneF3djbo8udz9SXI+CnEx8K9b/iM4Ih1SZbafP+a+bSVS5+z3O76d20
72pxQvUVWMRDrVuoHEbKdq2V/PyYuRLoYq+aZoMV6YhNaSa6ze1oItl62A4tvhpb
VEnsUsRCgu1VVEUWl0mp0YEzK4LnNYRD6B5Z444SNfu8/2aPAoyfH+7xy9Yn7tci
eHnm1s3oxzvXMDnWpmoPr1ng+NBqsiu5jYnLZgmcSgpf7cphuRQLCHgXPp/6XtZh
QswfrpPfBj7deMt8aAsgjQIDAQABo4IF7TCCBekwHwYDVR0jBBgwFoAUvp+9jVdt
lbWtY8OXTquohF06B/UwHQYDVR0OBBYEFEVu+Mjojb3tN7Zy8795tc4Q8Cz8MCcG
A1UdEQQgMB6CC3JpY28uY29tLnZjgg9tYWlzcmljby5jb20udmMwEwYDVR0lBAww
CgYIKwYBBQUHAx8wgaUGA1UdHwSBnTCBmjBLoEmgR4ZFaHR0cDovL2NybDMuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0VmVyaWZpZWRNYXJrUlNBNDA5NlNIQTI1NjIwMjFD
QTEuY3JsMEugSaBHhkVodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRW
ZXJpZmllZE1hcmtSU0E0MDk2U0hBMjU2MjAyMUNBMS5jcmwwUAYDVR0gBEkwRzA3
BgpghkgBhv1sAAIFMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQu
Y29tL0NQUzAMBgorBgEEAYOeXwEBMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VmVyaWZpZWRN
YXJrUlNBNDA5NlNIQTI1NjIwMjFDQTEuY3J0MAwGA1UdEwEB/wQCMAAwggNsBggr
BgEFBQcBDASCA14wggNaooIDVqCCA1IwggNOMIIDSjCCA0YWDWltYWdlL3N2Zyt4
bWwwIzAhMAkGBSsOAwIaBQAEFKjlO9BHzsjtbD2t4NDIAojBLIAlMIIDDhaCAwpk
YXRhOmltYWdlL3N2Zyt4bWw7YmFzZTY0LEg0c0lBQUFBQUFBQUNtMVNUVytiUUJB
OW0xOHgzWjRxN1M3N3haZGxIRFZXRytWUUtXcWtYQ3NDR3h1VkFJSzFjZlByTzd0
VWJRNjFzSG5Nekw3MzVwbmR6ZlcxZzR1ZDVuYm9TeUs1SUdEN2VtamEvbGlTczN0
aE9iblpSN3NQak1HZDdlMVV1V0hhd3VkbWVMWnczM1huMllVU3FKUXJMaWs4UHQz
QmwrczRUQTRldXZPUjNmZkFRL0ZwMWRoQ3lvV0EyM1BiTlNBK0FUQ0c5UFBsK042
RUl2QmN6ZlpoR2w3YXpwYkV0ZjB2TnM0RTJxWWtoK3ExYXFvZmtrUWJRUFA5WEpL
VGMrTTJqcGRsNFl2bXczU01sUkFpUmxheWpteXZYZHYvL04rZ0xJb2lEbDBDY0du
dGNqdGNTeUpBZ0U3RDE4dDRrdTA4VmpWNkdTYzcyK2xpQ2RwMnJldnMvbnRiRDd0
NHhkRnVzclVEdE4yVjVPUFg4Q0d3dEkwN2xjU3p3Y20yeDVOYkgyS2NIeXQzK2pl
Zm9IRUN1T1UzWlNUUHFaU21abG9qRWl4SnVLR3E0SkpsQ1VhZFlFY1dQS1BLOEl4
cGdRaVBaQ3dSNFk3TkhLY0UwNWduazRibks5S0s1OUdtRnI2ZFVLbjhXU3hSTGNP
OXpybWlnc3FNcDFSNzhwUnJuT3BRU1RPbGtEWFFLYVl5cGdSNk1ZYW5BUjF5L3dL
Z1lYUkdwVkZJNEVHV2VUV3FVMTRnR1UwMVhqaVg2aHA5RzVUQ1NZbUVhQ2IxOW5Y
R1pZM2VVRnBqVGZ1bGZjMGYwd0hWeU9VUFlpRm42QzliVWFxanpVR0wxSnNJNmly
TC94ajZtK1ViWUs1ZVNva0NkL1g1aFlod0k4MExaaEw4OFNuVkVuZnlxWVM0dFVG
bDdKbUFhaDhGeW11dklYMHJvRFhYUitXWFdPbnBPNm0zOEYvN04zSWYvUWE3ZDkw
RGRBTUFBQT09MIGKBgorBgEEAdZ5AgQCBHwEegB4AHYAVVlTrjCWAIBs0utSCKbJ
npMYKKwQVrRCHFU2FUxfdawAAAGDF0DDNwAABAMARzBFAiB8ehvGIQKMLHb2iyf3
sWa1x2eVTSYbzGETOVpTqXcQUgIhAPyr/mExr83JirKOKliBSamhzZinshJnTrQE
WknbCrZeMA0GCSqGSIb3DQEBCwUAA4ICAQCGuKM99JfuTWLCJdrBOVO/Y0uxAiZk
LsGSowxpaqblyvOmw0ZegAT2BcvBZmAtO/PwB0r0b2mNSt4bpK3+rSL+SS3Q+DH8
ag9IbDQxDrsXs3YS5vj7zQPXJcykYIB3t56h4LcuHCz1c0e4anD8it2W3cFh4s8e
UJFTJTE7LoB18FCRlwcpfd2JmoOXqvW4C7BvM/GwUUEkfhyX3769xEAGjc6zYqld
5/0qIrJwVy3eS20p6Q1KQPM7BmR6O8xz1bMKCIJkXvle9axvN8m9IGgMgVOWYo7p
d4/QnSm7+sRk8ApU9v4VW8PYiQzpIKzZwSgC89tD0DYXdPiSBqKv1j0yJLp5I9eq
uGRzESl7CivCiHPyVosMemg9eWhHS4RfKxWinqFEqew47td8SEqLHcHxMx/eJAKI
aC/U2vg7KgwW0U/QxiGZnLKFixKJG0PAiX10iBdsqBYanblBik0SG2sZV46kQCQU
t/0vqQUcRuHxLpH1I4w4B1cpQnKt0I78xpYpWm4dce/FK8EgWm6WQ2kkv88GYMQI
h2PO3VRskLzVQj5BBBRTNrRNIKpE5ZLYcuGpq6wjnKLiy84pEJJ8q+FBnjuhAdOp
N938f5bL82SWHNsUOXQCsJG/xcUc25bpgArsp5wIsO1gACpceT+6ljL10z6Rkdqp
SopYPlbJyqCsJA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpQj0p8sTvTpHBpvc/AA
7Re7WbDsEZsjCz4PqOfBhdyZSXxLT2jUeSr8i64Z4rkkOFETcMHyGneF3djbo8ud
z9SXI+CnEx8K9b/iM4Ih1SZbafP+a+bSVS5+z3O76d2072pxQvUVWMRDrVuoHEbK
dq2V/PyYuRLoYq+aZoMV6YhNaSa6ze1oItl62A4tvhpbVEnsUsRCgu1VVEUWl0mp
0YEzK4LnNYRD6B5Z444SNfu8/2aPAoyfH+7xy9Yn7tcieHnm1s3oxzvXMDnWpmoP
r1ng+NBqsiu5jYnLZgmcSgpf7cphuRQLCHgXPp/6XtZhQswfrpPfBj7deMt8aAsg
jQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13087074997209987421204332377419162251
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Verified Mark RSA4096 SHA256 2021 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '16.838.421/0001-26'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'São Paulo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Av. Chedid Jafet, 75 - Torre Sul - Vila Olímpia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'XP Investimentos S/A'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'XP Investimentos S/A'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.13
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Registered Mark'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.4
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '921268157'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24058328466938185357850125559502202947758596646552932409696492780436264556213413179948274255089079794568719684227316892745980936904572771486365278075758448203630563278181045271239354243544946692272787692525294513044641392812538167165117008685334932494162024138933442530001702350898185738662142897217355617773234536496844198831967352458224119271506617212870240977863967921406690278212953180268036913361625939046894762455181741538576947727936156014093717463611397283639992057897078490284497948909783387202994109725561333188729464802023159437910446279011835362521589268201539196317009309556351821808274500740891879874701
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName be9fbd8d576d95b5ad63c3974eaba8845d3a07f5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							456ef8c8e88dbded37b672f3bf79b5ce10f02cfc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rico.com.vc'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maisrico.com.vc'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.31
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (157 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.0.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertVerifiedMarkRSA4096SHA2562021CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.12 (logoType)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (862 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|true] IA5String 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'image/svg+xml'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.14.3.2.26 (sha1)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
															a8e53bd047cec8ed6c3dade0d0c80288c12c8025
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'data:image/svg+xml;base64,H4sIAAAAAAAACm1STW+bQBA9m18x3Z4q7S77xZdlHDVWG+VQKWqkXCsCGxuVAIK1cfPrO7tUbQ61sHnMzL735pndzfW1g4ud5nboSyK5IGD7emja/liSs3thObnZR7sPjMGd7e1UuWHawudmeLZw33Xn2YUSqJQrLik8Pt3Bl+s4TA4euvOR3ffAQ/Fp1dhCyoWA23PbNSA+ATCG9PPl+N6EIvBczfZhGl7azpbEtf0vNs4E2qYkh+q1aqofkkQbQPP9XJKTc+M2jpdl4Yvmw3SMlRAiRlayjmyvXdv//N+gLIoiDl0CcGntcjtcSyJAgE7D18t4ku08VjV6GSc72+liCdp2revs/ntbD7t4xdFusrUDtN2V5OPX8CGwtI07lcSzwcm2x5NbH2KcHyt3+jefoHECuOU3ZSTPqZSmZlojEixJuKGq4JJlCUadYEcWPKPK8IxpgQiPZCwR4Y7NHKcE05gnk4bnK9KK59GmFr6dUKn8WSxRLcO9zrmigsqMp1R78pRrnOpQSTOlkDXQKaYypgR6MYanAR1y/wKgYXRGpVFI4EGWeTWqU14gGU01XjiX6hp9G5TCSYmEaCb19nXGZY3eUFpjTfulfc0f0wHVyOUPYiFn6C9bUaqjzUGL1JsI6irL/xj6m+UbYK5eSokCd/X5hYhwI80LZhL88SnVEnfyqYS4tUFl7JmAah8FymuvIX0roDXXR+WXWOnpO6m38F/7N3If/Qa7d90DdAMAAA=='
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:0|false] reserved for BER 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0086b8a33df497ee4d62c225dac13953bf634bb10226642ec192a30c696aa6e5caf3a6c3465e8004f605cbc166602d3bf3f0074af46f698d4ade1ba4adfead22fe492dd0f831fc6a0f486c34310ebb17b37612e6f8fbcd03d725cca4608077b79ea1e0b72e1c2cf57347b86a70fc8add96ddc161e2cf1e50915325313b2e8075f050919707297ddd899a8397aaf5b80bb06f33f1b05141247e1c97dfbebdc440068dceb362a95de7fd2a22b270572dde4b6d29e90d4a40f33b06647a3bcc73d5b30a0882645ef95ef5ac6f37c9bd20680c815396628ee9778fd09d29bbfac464f00a54f6fe155bc3d8890ce920acd9c12802f3db43d0361774f89206a2afd63d3224ba7923d7aab8647311297b0a2bc28873f2568b0c7a683d7968474b845f2b15a29ea144a9ec38eed77c484a8b1dc1f1331fde240288682fd4daf83b2a0c16d14fd0c621999cb2858b12891b43c0897d7488176ca8161a9db9418a4d121b6b19578ea4402414b7fd2fa9051c46e1f12e91f5238c380757294272add08efcc696295a6e1d71efc52bc1205a6e96436924bfcf0660c4088763cedd546c90bcd5423e4104145336b44d20aa44e592d872e1a9abac239ca2e2cbce2910927cabe1419e3ba101d3a937ddfc7f96cbf364961cdb14397402b091bfc5c51cdb96e9800aeca79c08b0ed60002a5c793fba9632f5d33e9191daa94a8a583e56c9caa0ac24