tokensigning02.kaccess.kdev.services
- KPMG LLP -
Issued by DigiCert Global CA G2
About this certificate
This digital certificate with serial number 0d:ee:3a:3c:d8:ce:0b:1d:d3:ca:78:66:9e:38:5d:19 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
KPMG LLP
Organization:
KPMG LLP
Organization unit: IT Services
Organization unit: IT Services
Locality:
London
Country: GB
Country: GB
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:ee:3a:3c:d8:ce:0b:1d:d3:ca:78:66:9e:38:5d:19Serial Number (int): 18516911798079811312583775290861837593
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f4:42:6a:d5:23:c2:c5:e1:0a:8b:70:9e:2c:8a:02:fe:71:99:20:86
AuthorityKeyId: 24:6e:2b:2d:d0:6a:92:51:51:25:69:01:aa:9a:47:a6:89:e7:40:20
Fingerprint (sha1): 5c:75:be:fc:54:99:b2:42:c1:fb:6b:c3:5d:72:4d:03:5f:bc:fc:91
Fingerprint (sha256): a3:ec:9c:c8:aa:00:c9:84:4f:94:85:42:a2:1c:b5:06:16:3c:61:cd:93:03:c7:67:eb:35:10:c5:05:81:b9:e8
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalCAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalCAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalCAG2.crl
Check the revocation status for certificate tokensigning02.kaccess.kdev.services
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tokensigning02.kaccess.kdev.services
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tokensigning02.kaccess.kdev.services
Other certificates including the domain name kdev.services
(limited to 100 certificates)
imi.kdev.services
imi-uatreporting.kdev.services
fts004.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
apicp001.kdev.services
officewebapps.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
imi.kdev.services
fed02.kaccess.kdev.services
dp001.kdev.services
search.kpmg.kdev.services
tokensigning.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
sites.kpmg.kdev.services
collab.kpmg.kdev.services
sbsites.kpmg.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
search.kpmg.kdev.services
tokensigning02.kaccess.kdev.services
collab.kpmg.kdev.services
tokendecrypting.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
officewebapps.kpmg.kdev.services
fed02.kaccess.kdev.services
search.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
search.kpmg.kdev.services
tokendecrypting02.kaccess.kdev.services
collab.kpmg.kdev.services
tokensigning.kacess.kdev.services
me-ema.staging.kpmg.com
me-staging.kpmg.com
collab.kpmg.kdev.services
uatdealcom.kdev.services
me-ema.staging.kpmg.com
imi-uatreporting.kdev.services
fts004.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
apicp001.kdev.services
officewebapps.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
imi.kdev.services
fed02.kaccess.kdev.services
dp001.kdev.services
search.kpmg.kdev.services
tokensigning.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
sites.kpmg.kdev.services
collab.kpmg.kdev.services
sbsites.kpmg.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
search.kpmg.kdev.services
tokensigning02.kaccess.kdev.services
collab.kpmg.kdev.services
tokendecrypting.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
officewebapps.kpmg.kdev.services
fed02.kaccess.kdev.services
search.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
search.kpmg.kdev.services
tokendecrypting02.kaccess.kdev.services
collab.kpmg.kdev.services
tokensigning.kacess.kdev.services
me-ema.staging.kpmg.com
me-staging.kpmg.com
collab.kpmg.kdev.services
uatdealcom.kdev.services
me-ema.staging.kpmg.com
Certificate
The complete raw certificate details for tokensigning02.kaccess.kdev.services in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgIQDe46PNjOCx3TynhmnjhdGTANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTgwOTA1MDAwMDAwWhcNMjAwOTA0MTIw MDAwWjB2MQswCQYDVQQGEwJHQjEPMA0GA1UEBxMGTG9uZG9uMREwDwYDVQQKEwhL UE1HIExMUDEUMBIGA1UECxMLSVQgU2VydmljZXMxLTArBgNVBAMTJHRva2Vuc2ln bmluZzAyLmthY2Nlc3Mua2Rldi5zZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAN2/tYNFUgNopsptViGnlZkOSJz4kHYrtmd6F7jEz0yUjkp5 a6luuIBRCqt4z3Q8oPn82/zzdM8I7n77oufPJJISvNS5RKhLF1jYh8eBzjQtfwCM Pv2IkIpSCunIw5As20ok+lMIQBLVzuNV+8l9CBVWKLm83xCKPGyqIMKn79Q6Ckxz YTTL06yDqmTtw2fDMF7r3YE0D2B/wtlz+TJ6c40a/eNO62zm3meDa5kYYnKKmkPR Jz+wfXC4LDYqI28L9X/BBeQeiEzK/kkBDkjR4qkg+UOeDipslbil7mrHhJLHP8Fm VlyBixcx5dXUaiTbsw2fHOPBw96ESxoGCV8WntcCAwEAAaOCAgEwggH9MB8GA1Ud IwQYMBaAFCRuKy3QapJRUSVpAaqaR6aJ50AgMB0GA1UdDgQWBBT0QmrVI8LF4QqL cJ4sigL+cZkghjAvBgNVHREEKDAmgiR0b2tlbnNpZ25pbmcwMi5rYWNjZXNzLmtk ZXYuc2VydmljZXMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Axhi9odHRwOi8vY3JsMy5kaWdpY2Vy dC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDA1oDOgMYYvaHR0cDovL2NybDQu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsQ0FHMi5jcmwwTAYDVR0gBEUwQzA3 BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu Y29tL0NQUzAIBgZngQwBAgIwdAYIKwYBBQUHAQEEaDBmMCQGCCsGAQUFBzABhhho dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9jYWNl cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbENBRzIuY3J0MAkGA1UdEwQC MAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAHdErDWJ C6NLVO99NpcQfSClGpT5O1pq3kpSQOBJ7g1RC1QbWI7awstjSdIzq9Kl8OZZaZWW 45FKubH5ECHAiNkLn+z8Qtny5Mz/hrlfm8XJO7QGI/YAQSfbaHOdKa7hFvUcmM9S cYphxb+Pvnmj48s1qpsAlrDK/sWQX2s8lEkMaBn9+FM88+q9WDAUlC0K59rfSxn5 MPEBN66q44ueAH48MwAX6RECcmFDqJ0SCljEumV3GDVhdz/pUfbcPrJlX6rrSjvj tYDUG4huO5kpWuZAyxdzpGjb0glXxEb22Tns1Brbvztamcuwd122/n7MlFa2dIq2 OvvhRwMOkXxPa6A= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b+1g0VSA2imym1WIaeV mQ5InPiQdiu2Z3oXuMTPTJSOSnlrqW64gFEKq3jPdDyg+fzb/PN0zwjufvui588k khK81LlEqEsXWNiHx4HONC1/AIw+/YiQilIK6cjDkCzbSiT6UwhAEtXO41X7yX0I FVYoubzfEIo8bKogwqfv1DoKTHNhNMvTrIOqZO3DZ8MwXuvdgTQPYH/C2XP5Mnpz jRr9407rbObeZ4NrmRhicoqaQ9EnP7B9cLgsNiojbwv1f8EF5B6ITMr+SQEOSNHi qSD5Q54OKmyVuKXuaseEksc/wWZWXIGLFzHl1dRqJNuzDZ8c48HD3oRLGgYJXxae 1wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18516911798079811312583775290861837593 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KPMG LLP' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tokensigning02.kaccess.kdev.services' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27993200645680943917020810057910078669030530599632970025103203138725057994674305951439500977935511996748041933313907651036937706348290089525067225404164126572758726348096378788630573309571837781368002281760259881467675553979826724008317375378066884427527010495020606424878838864057352160455295539917871514052525325602034499556089359676120253321702926948707741701121004055809615346524195051365555235169862206730153461562355883872249723631619835577531342991976343312593392480856116004004480744352922680923307402120939291437999620621738669021775139492392016338644408736328398541669861171011879478321866366900772458110679 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 246e2b2dd06a925151256901aa9a47a689e74020 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4426ad523c2c5e10a8b709e2c8a02fe71992086 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokensigning02.kaccess.kdev.services' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalCAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007744ac35890ba34b54ef7d3697107d20a51a94f93b5a6ade4a5240e049ee0d510b541b588edac2cb6349d233abd2a5f0e659699596e3914ab9b1f91021c088d90b9fecfc42d9f2e4ccff86b95f9bc5c93bb40623f6004127db68739d29aee116f51c98cf52718a61c5bf8fbe79a3e3cb35aa9b0096b0cafec5905f6b3c94490c6819fdf8533cf3eabd583014942d0ae7dadf4b19f930f10137aeaae38b9e007e3c330017e91102726143a89d120a58c4ba6577183561773fe951f6dc3eb2655faaeb4a3be3b580d41b886e3b99295ae640cb1773a468dbd20957c446f6d939ecd41adbbf3b5a99cbb0775db6fe7ecc9456b6748ab63afbe147030e917c4f6ba0