*.otpbank.com.ua

Issued by RapidSSL Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 05:40:f8:56:a2:c4:bf:fb:ef:35:2c:5d:77:bf:55:b0 was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.otpbank.com.ua

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:40:f8:56:a2:c4:bf:fb:ef:35:2c:5d:77:bf:55:b0
Serial Number (int): 6983483879448917844813250013343733168
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ea:75:62:58:04:7a:d9:63:12:90:c1:dc:d9:41:7b:46:47:45:05:e3
AuthorityKeyId: f0:9c:85:fd:a2:9f:7d:8f:c9:68:bb:d5:d4:89:4d:1d:be:d3:90:ff

Fingerprint (sha1): de:cf:3f:c8:a6:10:87:2a:69:02:9d:c8:4b:9d:bc:00:8e:ce:e4:d2
Fingerprint (sha256): a3:4a:29:d0:c8:fe:f2:d2:e2:8c:67:e7:e5:ba:c3:30:93:e5:b6:f2:96:28:ff:23:a3:87:ed:be:ed:e1:3d:ec

Issuing Certificate URL: http://cacerts.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate *.otpbank.com.ua

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.otpbank.com.ua

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.otpbank.com.ua
otpbank.com.ua

Other certificates including the domain name otpbank.com.ua

(limited to 100 certificates)
ra.otpbank.com.ua
bpmmarketiis.otpbank.com.ua
ra.otpbank.com.ua
ua.otpbank.com.ua
chatclb.otpbank.com.ua
www.otpbank.com.ua
livechat.otpbank.com.ua
www.otpbank.com.ua
ra.otpbank.com.ua
ua.otpbank.com.ua
*.otpbank.com.ua
ua.otpbank.com.ua
gateway.otpbank.com.ua
tender.otpbank.com.ua
ibank.otpbank.com.ua
www.otpbank.com.ua
gateway.otpbank.com.ua
uaafasttack.otpbank.com.ua
rdweb.otpbank.com.ua
chatclb.otpbank.com.ua
ibank.otpbank.com.ua
*.otpbank.com.ua
www.otpbank.com.ua
ibank.otpbank.com.ua
lmsmoco.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
gw.otpbank.com.ua
ibank.otpbank.com.ua
gw.otpbank.com.ua
rdweb.otpbank.com.ua
ua.otpbank.com.ua
uaafasttacktst.otpbank.com.ua
rdweb.otpbank.com.ua
ua.otpbank.com.ua
livechat.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
*.otpbank.com.ua
chatclb.otpbank.com.ua
mailgw02.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
uaafasttacktst.otpbank.com.ua
uaanginxprod.otpbank.com.ua
www.otpbank.com.ua
storage.otpbank.com.ua
chatclb.otpbank.com.ua
*.otpbank.com.ua
broker.otpbank.com.ua
www.otpbank.com.ua
uaaspamedge.otpbank.com.ua
ua.otpbank.com.ua
rdweb.otpbank.com.ua
ibank.otpbank.com.ua
livechat.otpbank.com.ua
broker.otpbank.com.ua
uaaspamedge01.otpbank.com.ua
www.otpbank.com.ua
chatclb.otpbank.com.ua
www.otpbank.com.ua
own.otpbank.com.ua
www.otpbank.com.ua
ua.otpbank.com.ua
ua.otpbank.com.ua
mailgw02.otpbank.com.ua
www.otpbank.com.ua
chatclb.otpbank.com.ua
uaaspamedge02.otpbank.com.ua
storage.otpbank.com.ua
www.otpbank.com.ua
ua.otpbank.com.ua
www.otpbank.com.ua
own.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
own.otpbank.com.ua
sip.otpbank.com.ua
livechat.otpbank.com.ua
ibankpilot.otpbank.com.ua
ua.otpbank.com.ua
www.otpbank.com.ua

Certificate

The complete raw certificate details for *.otpbank.com.ua in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHoDCCBYigAwIBAgIQBUD4VqLEv/vvNSxdd79VsDANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K1JhcGlkU1NMIEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMxMDE4MDAwMDAwWhcNMjQxMDA2MjM1OTU5WjAbMRkwFwYDVQQDDBAqLm90cGJh
bmsuY29tLnVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bJbLV8l
3n03z6QhpopY35nJLKekLv+nPQihtsRnxFYKMCTOc6qvJfHjZvPhygHA9QxTFJNl
MCLu0ju3quSuLA7PpTHtkGJ/T+gqIz8AcH6bodkyB5UHsyin+VEK67oRKuWsdlNy
E4kScSvESkFHCpHVlcyO+dcPbUpkUSuBOJsuAuxuRcvNFdTX9X52x0y6w3kbjT/F
6LnZuMX2qfctZiwARbL5WbdPDWL1dfb7rlKnjA4e1KoFdvhjYpWsY4qe1JVao5+P
2Bt+5G4qbdHvQlBuXswN6iW5mpDCO3Jb2D2MZ9HEsWLk4VjuSzdZGS0KWKm9XbML
UafNyZsp+hVo5wIDAQABo4IDnTCCA5kwHwYDVR0jBBgwFoAU8JyF/aKffY/JaLvV
1IlNHb7TkP8wHQYDVR0OBBYEFOp1YlgEetljEpDB3NlBe0ZHRQXjMCsGA1UdEQQk
MCKCECoub3RwYmFuay5jb20udWGCDm90cGJhbmsuY29tLnVhMD4GA1UdIAQ3MDUw
MwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t
L0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
bS9SYXBpZFNTTEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEag
RIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xvYmFsVExTUlNB
NDA5NlNIQTI1NjIwMjJDQTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUH
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDov
L2NhY2VydHMuZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNI
QTI1NjIwMjJDQTEuY3J0MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIB
bwSCAWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi0Lv
CcEAAAQDAEcwRQIgGxfP5HZ6SrDlPucnSCpGIuO3jYr4akNcjVMxhdMXm8sCIQDF
KeuakSWkpRq8mX597P4sGqoztHMkroiKm+cAIgA2aAB2AEiw42vapkc0D+VqAvqd
MOscUgHLVt0sgdm7v6s52IRzAAABi0LvCX8AAAQDAEcwRQIgVAmC9YWASRR34DHi
oQePh8GlpAYo9EIiKIEkwLNnJFMCIQDdWhlr/BKro8WPpDe/QaARQbnw09llkunK
AVwwOM2BIgB3ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABi0Lv
CVsAAAQDAEgwRgIhAN71hYidpCb3cJEadaQEn8tLyCInHCPX7fzZDzr5soRWAiEA
9P0PgkiSOxnxQZhaVaeTE8ZIjWpN6EvazpzWv8ohFkAwDQYJKoZIhvcNAQELBQAD
ggIBAEJXYc1/atQjc2ir/ahXYoK8gAPBN8oQjyO2aKYoQjsA5zLzqnEXVdo1oPCj
J00d2c27h5yIpRWK8fmBrvrouUDJtViYvaCm4ghO7yI0ifnbRPVzYECzxWEip9p1
JAbocBxkDJ8zcM0c4jtOF8X/59+qHuIIckGJ/1J/JkHc+CVkMzUtoFQ0nls6ye04
MUEL66WK3uLkrkD+NLraXSNMTSUkowHN9sIGcUoKOmPVuYqA9SNy/Zw2NlDAH1lI
cH3HiKYdoz2P3fv7K4m2w/Tzg4MVr3G0op1iuSuGmb1ZOTPEA5KoDMTui4SU8Q75
tY5bN/HJVdi06/EfIb5eFm8PYIXJ6mfUMgLalraA3OLf5PU3+yxWVzYkX5nXW9RG
ZGMJkbgdtjG7Tw6ajzktzh+YG5AslgZsoAjY6iN+l8QOGmGHJjwI6bfSHLSz9vcZ
LqX95PIcyNSFUFLZQLjxqf2blm9LzSqU+TQ5i4mexz59qrU4z3+CRCvPZxM4o4qc
VWAo3U8BRv/KuBQptnxGquerJONg/nk7uRuJd8t5sq66hLxz4bERzlfV1S6oCnwZ
51MeLf2DbczHT8uadTxyk+nZ72hs/CWfjiVypnMc/1L5qxyGEfaerIfQK7dZ5Snt
GiLhF4byFrgrDvWnVxxMCVd1VlyeYfhPo12gdT4e4c/dmbPe
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bJbLV8l3n03z6QhpopY
35nJLKekLv+nPQihtsRnxFYKMCTOc6qvJfHjZvPhygHA9QxTFJNlMCLu0ju3quSu
LA7PpTHtkGJ/T+gqIz8AcH6bodkyB5UHsyin+VEK67oRKuWsdlNyE4kScSvESkFH
CpHVlcyO+dcPbUpkUSuBOJsuAuxuRcvNFdTX9X52x0y6w3kbjT/F6LnZuMX2qfct
ZiwARbL5WbdPDWL1dfb7rlKnjA4e1KoFdvhjYpWsY4qe1JVao5+P2Bt+5G4qbdHv
QlBuXswN6iW5mpDCO3Jb2D2MZ9HEsWLk4VjuSzdZGS0KWKm9XbMLUafNyZsp+hVo
5wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6983483879448917844813250013343733168
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.otpbank.com.ua'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30006428977945432138201892191933020163486558357020494483220350884905601056345608982588390017547259982096270934227193769865755262287755682506570233082895961310213724694093878429656956683309676283479039101543382692131985441989898883362990696608897636827767352022870868160951294032440499828294926615206690021360050820138787187551500345222414796416543893707023992423569410384770779623242397837406954765684017902131175401902368467240938263383275858030606117213004249314673064562366316927775924161933090509641118083793857434909782134360535413033908737694427957615203575191372352162175296250969808543902293025056392492706023
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f09c85fda29f7d8fc968bbd5d4894d1dbed390ff
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ea756258047ad9631290c1dcd9417b46474505e3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.otpbank.com.ua'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'otpbank.com.ua'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b42ef09c1000004030047304502201b17cfe4767a4ab0e53ee727482a4622e3b78d8af86a435c8d533185d3179bcb022100c529eb9a9125a4a51abc997e7decfe2c1aaa33b47324ae888a9be7002200366800760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b42ef097f00000403004730450220540982f58580491477e031e2a1078f87c1a5a40628f44222288124c0b3672453022100dd5a196bfc12aba3c58fa437bf41a01141b9f0d3d96592e9ca015c3038cd8122007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b42ef095b0000040300483046022100def585889da426f770911a75a4049fcb4bc822271c23d7edfcd90f3af9b28456022100f4fd0f8248923b19f141985a55a79313c6488d6a4de84bdace9cd6bfca211640
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00425761cd7f6ad4237368abfda8576282bc8003c137ca108f23b668a628423b00e732f3aa711755da35a0f0a3274d1dd9cdbb879c88a5158af1f981aefae8b940c9b55898bda0a6e2084eef223489f9db44f5736040b3c56122a7da752406e8701c640c9f3370cd1ce23b4e17c5ffe7dfaa1ee208724189ff527f2641dcf8256433352da054349e5b3ac9ed3831410beba58adee2e4ae40fe34bada5d234c4d2524a301cdf6c206714a0a3a63d5b98a80f52372fd9c363650c01f5948707dc788a61da33d8fddfbfb2b89b6c3f4f3838315af71b4a29d62b92b8699bd593933c40392a80cc4ee8b8494f10ef9b58e5b37f1c955d8b4ebf11f21be5e166f0f6085c9ea67d43202da96b680dce2dfe4f537fb2c565736245f99d75bd44664630991b81db631bb4f0e9a8f392dce1f981b902c96066ca008d8ea237e97c40e1a6187263c08e9b7d21cb4b3f6f7192ea5fde4f21cc8d4855052d940b8f1a9fd9b966f4bcd2a94f934398b899ec73e7daab538cf7f82442bcf671338a38a9c556028dd4f0146ffcab81429b67c46aae7ab24e360fe793bb91b8977cb79b2aeba84bc73e1b111ce57d5d52ea80a7c19e7531e2dfd836dccc74fcb9a753c7293e9d9ef686cfc259f8e2572a6731cff52f9ab1c8611f69eac87d02bb759e529ed1a22e11786f216b82b0ef5a7571c4c095775565c9e61f84fa35da0753e1ee1cfdd99b3de