www.gov.uk
- Government Digital Service -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 0e:86:12:84:8c:51:7e:0e:e4:d3:0b:3a:c1:90:89:b5 was issued on by DigiCert Inc.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- 1 DNS name(s) are bare public suffixes: gov.uk The domain SHOULD NOT have a bare public suffix (awslabs certlint)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Government Digital Service
Organization:
Government Digital Service
Organization unit: Government Digital Service
Organization unit: Government Digital Service
State / Province:
England
Locality: London
Country: GB
Locality: London
Country: GB
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:86:12:84:8c:51:7e:0e:e4:d3:0b:3a:c1:90:89:b5Serial Number (int): 19305335304949226395133466949933107637
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 20:49:68:b9:61:5a:d7:93:a2:2f:16:32:44:63:21:2b:36:d2:95:1e
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 8e:bb:cc:c4:f6:a9:4e:c3:f0:3a:34:44:20:ef:cd:0f:3a:37:ef:17
Fingerprint (sha256): a3:fb:4e:64:ee:4d:0b:cc:08:6b:53:e2:2e:0c:ea:8f:dc:0b:d6:cb:2d:f5:ad:84:79:d2:97:f6:86:2c:a5:28
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl
Check the revocation status for certificate www.gov.uk
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.gov.uk
assets.digital.cabinet-office.gov.uk
*.businesslink.gov.uk
*.direct.gov.uk
*.production.alphagov.co.uk
*.preview.alphagov.co.uk
*.publishing.service.gov.uk
gov.uk
assets.digital.cabinet-office.gov.uk
*.businesslink.gov.uk
*.direct.gov.uk
*.production.alphagov.co.uk
*.preview.alphagov.co.uk
*.publishing.service.gov.uk
gov.uk
Other certificates including the domain name www.gov.uk
(limited to 100 certificates)
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
Certificate
The complete raw certificate details for www.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHDCCBQSgAwIBAgIQDoYShIxRfg7k0ws6wZCJtTANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xNTEwMDQwMDAwMDBaFw0xNjEyMDcxMjAwMDBa MIGPMQswCQYDVQQGEwJHQjEQMA4GA1UECBMHRW5nbGFuZDEPMA0GA1UEBxMGTG9u ZG9uMSMwIQYDVQQKExpHb3Zlcm5tZW50IERpZ2l0YWwgU2VydmljZTEjMCEGA1UE CxMaR292ZXJubWVudCBEaWdpdGFsIFNlcnZpY2UxEzARBgNVBAMTCnd3dy5nb3Yu dWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0D0nXXozJsIPFPlIw 92dbc6V/AtFiSG9HeL04gEs5bTaU9nM5Ga7eX3NmRPkV3SgzCxn13M4Cw8RvRpbp R7sxUjLJu++tvxkfnpWTBLLtJm1iboQRRKTGp+QJLX/+0OeoW2Ui7LATaHDWBmrE 9APeh1k2CrS01MZiAHJWKdQw72szlbedlAPLn9LuM00/VEOaQjGy9TbiElzMuIQ2 BucW+aVSzaEKj97Y4vLpGfx54/tLtdMMttRqkyVmHmjkXxdhldVjuBoH+FFxG5hz Kv3MsVwDRJc/Wo/4/X00pezMYSuQDrhdxn6HdJUsV+5+0ZwK25O6j8vpekaT1ncm 5NujAgMBAAGjggKQMIICjDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFly OzAdBgNVHQ4EFgQUIElouWFa15OiLxYyRGMhKzbSlR4wgcEGA1UdEQSBuTCBtoIK d3d3Lmdvdi51a4IkYXNzZXRzLmRpZ2l0YWwuY2FiaW5ldC1vZmZpY2UuZ292LnVr ghUqLmJ1c2luZXNzbGluay5nb3YudWuCDyouZGlyZWN0Lmdvdi51a4IbKi5wcm9k dWN0aW9uLmFscGhhZ292LmNvLnVrghgqLnByZXZpZXcuYWxwaGFnb3YuY28udWuC GyoucHVibGlzaGluZy5zZXJ2aWNlLmdvdi51a4IGZ292LnVrMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0 oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc1 LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2Vy dmVyLWc1LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYB BQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w TQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy dFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQELBQADggEBAHR9oUQ8iaS0I8f4Y556Hm+9J9sxVLEk6DI8kBCrTNSw K7DLbIpi+/nmb7Mkiutug8hIqmUb1Zp21ZTC6BAShQySZNsWCY3wKtZnMSegTBT9 Cjds/By0dWGEdnBQgPN9Nfz7onMIU7A+j8+9hgynar+9wluJk9ro+IsTIol2hyJb oFKyLACUbEfyxfVIAVAlRYWBIO8IiAvhnz1ZNthB1LAbO8x99qivIr0ZHG2Evu0Q UiZZJViHIoXhVnIDYbzmiw/yU7WS6NY9zJr8UN0QIlrL3FhlqfpDD2fmkKwMw++6 9sy3h18InIbu+wp9O6ygFTtLzCoYtQNAc44LObF1roo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA9J116MybCDxT5SMPdn W3OlfwLRYkhvR3i9OIBLOW02lPZzORmu3l9zZkT5Fd0oMwsZ9dzOAsPEb0aW6Ue7 MVIyybvvrb8ZH56VkwSy7SZtYm6EEUSkxqfkCS1//tDnqFtlIuywE2hw1gZqxPQD 3odZNgq0tNTGYgByVinUMO9rM5W3nZQDy5/S7jNNP1RDmkIxsvU24hJczLiENgbn FvmlUs2hCo/e2OLy6Rn8eeP7S7XTDLbUapMlZh5o5F8XYZXVY7gaB/hRcRuYcyr9 zLFcA0SXP1qP+P19NKXszGErkA64XcZ+h3SVLFfuftGcCtuTuo/L6XpGk9Z3JuTb owIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19305335304949226395133466949933107637 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-10-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-07 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'England' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Digital Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Digital Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22730433905882584952439420306205359578746920985844507892300190098867691674408969023103355621692317701001356909101512846751930623268142732893788109050490770355655150095074669685612031411069528214851151694765743184054853453742853241394438835641395817416516571531553026201852460998123158365227992297002635584982275588204133708755910394571662764112275511856953852867549395231325258865948059603984277595206704160355624112263012764717057837867282572175303737496824414842990219575035154943831914773326342929497662010712835910236780931385028339827626219687498651270454935582112178017175903923921767789399798700283846973512611 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 204968b9615ad793a22f16324463212b36d2951e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.digital.cabinet-office.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.businesslink.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.direct.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.production.alphagov.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preview.alphagov.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.publishing.service.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gov.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00747da1443c89a4b423c7f8639e7a1e6fbd27db3154b124e8323c9010ab4cd4b02bb0cb6c8a62fbf9e66fb3248aeb6e83c848aa651bd59a76d594c2e81012850c9264db16098df02ad6673127a04c14fd0a376cfc1cb475618476705080f37d35fcfba2730853b03e8fcfbd860ca76abfbdc25b8993dae8f88b1322897687225ba052b22c00946c47f2c5f54801502545858120ef08880be19f3d5936d841d4b01b3bcc7df6a8af22bd191c6d84beed105226592558872285e156720361bce68b0ff253b592e8d63dcc9afc50dd10225acbdc5865a9fa430f67e690ac0cc3efbaf6ccb7875f089c86eefb0a7d3baca0153b4bcc2a18b50340738e0b39b175ae8a