*.abumedia.yahoo.com

- Oath Inc -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 04:26:bb:8e:a6:85:17:f0:e8:ba:cd:4c:2f:f8:36:00 was issued on by DigiCert Inc.

With 99 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Oath Inc

Organization: Oath Inc
State / Province: California
Locality: Sunnyvale
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:26:bb:8e:a6:85:17:f0:e8:ba:cd:4c:2f:f8:36:00
Serial Number (int): 5518023376294358652174256191118521856
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 0e:78:0b:c6:d9:8c:89:9b:9e:69:b5:53:d7:b2:94:4c:87:9d:0a:b5
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): f6:5e:8c:d0:14:71:30:bc:c3:ce:44:80:ff:24:2d:d7:04:f6:4c:67
Fingerprint (sha256): a7:c7:f6:c6:d9:23:a9:2c:dc:65:9c:3c:07:07:de:16:28:da:ee:40:11:7a:f1:37:bd:e9:fa:85:57:af:d7:d4

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl

Check the revocation status for certificate *.abumedia.yahoo.com

99

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.abumedia.yahoo.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.abumedia.yahoo.com
*.abumedia.yql.yahoo.com
*.api.udb.yahoo.com
*.campaign.yahoo.com.hk
*.campaign.yahoo.com.tw
*.m.tw.campaign.yahoo.net
*.real-hk.yimg.com
*.smartr.yahoo.com
*.tv.yahoo.com
*.tw.campaign.yahoo.com
*.tw.campaign.yahoo.net
*.user-preference.yahoo.com
*.video.yahoo.com
*.yahoo.com.hk
*.yahoo.com.tw
*.yimg.com
*.youcard.yahoo.com
*.yql.news.yahoo.com
abumedia.yql.yahoo.com
au.lifestyle.yahoo.com
*.news.yahoo.com
au.sports.yahoo.com
be-tools.tw.sports.yahoo.com
hk.celebrity.yahoo.net
hk.emarketing.yahoo.net
hk.esports.yahoo.com
hk.lifestyle.yahoo.net
hk.promotion.yahoo.net
hk.promotions.yahoo.com
hk.promotions.yahoo.net
*.rd.companion.yahoo.com
*.rd.yahoo.com
hk.realestate.yahoo.net
*.trendr.yahoo.com
real1.hk.yimg.com
tw.campaign.money.yahoo.com
*.charity.yahoo.com
tw.edit.finance.yahoo.com
tw.edit.listing.yahoo.com
tw.emarketing.yahoo.com
tw.esports.yahoo.com
*.finance.yahoo.com
tw.image.news.yahoo.com
tw.linkspot.search.yahoo.com
tw.live.yahoo.com
*.money.yahoo.com
tw.news2.yimg.com
tw.payment.charity.yahoo.com
tw.quote.finance.yahoo.net
tw.sales.emarketing.yahoo.com
tw.screener.finance.yahoo.net
*.stock.yahoo.com
tw.stockapp-string.finance.yahoo.net
tw.systex.finance.yahoo.net
tw.v3.news.yimg.com
tw.ysm.emarketing.yahoo.com
yahoo.com.hk
yahoo.com.tw
*.media.yahoo.com
*.engadget.com
*.makers.yahoo.com
*.answers.yahoo.com
*.knowledge.yahoo.com
*.ec.yahoo.com
*.usedcar.yahoo.com
*.bid.yahoo.com
*.mall.yahoo.com
*.buy.yahoo.com
yshop.tw
ystore.tw
ybid.tw
oneec.paas.ec.yahoo.com
*.tns.nevec.yahoo.com
*.nevec.yahoo.com
*.bc.yahoo.com
m.tw.mall.yahoo.com
tw.user.mall.yahoo.com
tw.sc.mall.yahoo.com
tw.points.yahoo.com
tw.promo.yahoo.com
tw.edmbc.mall.yahoo.com
tw.rcv.mall.yahoo.com
tw.analytics.buy.yahoo.com
tw.analytics.mall.yahoo.com
*.buy.yahoo.com.tw
*.cmp.p4pnet.net
*.cmp.shp.yahoo.com
*.ltm.buy.yahoo.com
*.operate.buy.yahoo.com
tw.partner.buy.yahoo.com
tw.ptnr.yimg.com
partner.pr.buy.yahoo.com.tw
*.campaign.bid.yahoo.com
*.analytics.bid.yahoo.com
*.promo.bid.yahoo.com
*.shp.yahoo.com
*.tw.buy.yahoo.com
*.merchant.yahoo.com
*.supplier.yahoo.com

Other certificates including the domain name yahoo.com

(limited to 100 certificates)
digits3.data.yahoo.com
checkout.yahoo.com
*.sonic.mail.yahoo.com
master.data.yahoo.com
login.yahoo.com
backend.paranoids.corp.yahoo.com
qa.edge.ymon.corp.ne1.yahoo.com
*.store.yahoo.com
www.yahoo.com
chilledfilled.corp.gq1.yahoo.com
san.test-paranoids.yahoo.com
allhands.corp.yahoo.com
*.stage.login.yahoo.com
test012.san.test-paranoids.yahoo.com
tw.preview.campaign.money.yahoo.com
stage.api.onepush.mobile.yahoo.com
endurepoor.corp.ir2.yahoo.com
privbin.corp.yahoo.com
tw.mobi.yahoo.com
tw.knowledge.yahoo.com
stg-sandyui-01.netops.corp.gq1.yahoo.com
cosmos.bcp.search.corp.yahoo.com
testdata.factory.vespa.corp.yahoo.com
mobileexcellence.corp.yahoo.com
staging-origin-life.huffpo.net
lab-uic-pub.lab.rich.corp.yahoo.com
pr.comet.yahoo.com
admin.nevec.yahoo.com
steamedesteemed.corp.sg3.yahoo.com
stage.api.pes.yahoo.com
test.dek.ckms.yahoo.com
goglobal-demo.g11n.corp.gq1.yahoo.com
academy-delivery.cc.corp.yahoo.com
beta.api.backyard3.corp.yahoo.com
tw.billing.yahoo.com
sp.analytics.yahoo.com
dwdevetl02.fin.corp.gq1.yahoo.com
uc-gq1-vcenter1.corp.gq1.yahoo.com
backend-stage.paranoids.corp.yahoo.com
wherehaus.stage.geotech.corp.yahoo.com
gq1-psinprd-clu.psi.corp.gq1.yahoo.com
*.jeditools.mail.yahoo.com
kite-tools.pbp.corp.ne1.yahoo.com
origin.qa.dispatcher.yahoo.com
*.ea.ops.yahoo.com
endurepoor.corp.ir2.yahoo.com
*.report.gemini.yahoo.com
api.soln-stage.isvc.cp.yahoo.com
backend-stage.paranoids.corp.yahoo.com
san.test-paranoids.yahoo.com
san.test-paranoids.yahoo.com
tw.db.media.yahoo.com
*.cs.gq1-1.manhattan.gq1.yahoo.com
sh-gdpr.search.yahoo.com
*.abumedia.yahoo.com
*.answers.ycpi.yahoo.com
*.tee.ops.search.yahoo.com
privbin.corp.yahoo.com
oxy-oxygen-4a0620a5.gq1.yahoo.com
e2.ycpi.aeb.yahoo.com
secure02.lithium.com
telco-sg3-jump.sg3.corp.yahoo.com
legacy.pop.mail.yahoo.com
privbin.corp.yahoo.com
admin.ckms.yahoo.com
sp.analytics.yahoo.com
*.api.gemini.yahoo.com
dev.ui.payments.yahoo.com
dspskadpostback.aaca.yahooinc.com
san.test-paranoids.yahoo.com
splunk1.flurry.gq1.yahoo.com
certreloader.demo.yahoo.com
splunk.dspe.yahoo.com
src2.yahoo.com
profileproxy.prod.tgt.bf1.yahoo.com
legaltoolsstage.corp.yahoo.com
test1.yahoo.com
st39.yahoo.com
beta.edit.client.yahoo.com
chat.ouroath.com
endurepoor.corp.ir2.yahoo.com
*.chef.ops.yahoo.com
backend-stage.paranoids.corp.yahoo.com
san.test-paranoids.yahoo.com
manhattan.yahoo.com
dev.productcentral.aol.com
*.tripod.bf2.yahoo.com
ws.mobile.mail.yahoo.com
vpn2-1-gci.eglbp.corp.yahoo.com
endurepoor.corp.ir2.yahoo.com
yakl-rules.ops.yahoo.com
jp.techcrunch.com
ldap-mgmnt.corp.yahoo.com
yql.onepush.mobile.yahoo.com
*.hlfs.yahoo.com
*.wv.msg.yahoo.com
endurepoor.corp.ir2.yahoo.com
ads.vidible.tv
kronostest.fin.corp.yahoo.com
api.native.yahooinc.com

Certificate

The complete raw certificate details for *.abumedia.yahoo.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIN3DCCDMSgAwIBAgIQBCa7jqaFF/Dous1ML/g2ADANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0yMTA5MTMwMDAwMDBaFw0yMjAzMDkyMzU5NTla
MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlT
dW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMR0wGwYDVQQDDBQqLmFidW1lZGlh
LnlhaG9vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAQ1L70
qPpb+DDOLjvKnucmi4PxgUJbVGC4ehIltcU2h6SUUh9vlVIzxAnebVDK1w4fHK5O
p7sQG0aygTLLtBwO/dD34nQO5v4UFJH6HK3N+4WTovGvTLUldGX9hZ8JktMaIrbX
wVYFG8oCRT7Z3yItsSMCuRKW0HRgzPmKpyek+M4qLb4hIiDes02i1plIHzdMvviZ
U0p/1xa7Z8MHRy7bck0Q6YSS4TpShATyGgElvmZY1hYGOUZaGGE/TVVWNkfZnqzH
EysCmltaPO/d3+QM0Ll313Djk/b69wNvuv3wZx4cvFQt9CbZG4Iff8lnp1Ge4LQe
iLkmlZ48UHXtHhECAwEAAaOCCngwggp0MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZ
ZWRiohK4WXI7MB0GA1UdDgQWBBQOeAvG2YyJm55ptVPXspRMh50KtTCCCKEGA1Ud
EQSCCJgwggiUghQqLmFidW1lZGlhLnlhaG9vLmNvbYIYKi5hYnVtZWRpYS55cWwu
eWFob28uY29tghMqLmFwaS51ZGIueWFob28uY29tghcqLmNhbXBhaWduLnlhaG9v
LmNvbS5oa4IXKi5jYW1wYWlnbi55YWhvby5jb20udHeCGSoubS50dy5jYW1wYWln
bi55YWhvby5uZXSCEioucmVhbC1oay55aW1nLmNvbYISKi5zbWFydHIueWFob28u
Y29tgg4qLnR2LnlhaG9vLmNvbYIXKi50dy5jYW1wYWlnbi55YWhvby5jb22CFyou
dHcuY2FtcGFpZ24ueWFob28ubmV0ghsqLnVzZXItcHJlZmVyZW5jZS55YWhvby5j
b22CESoudmlkZW8ueWFob28uY29tgg4qLnlhaG9vLmNvbS5oa4IOKi55YWhvby5j
b20udHeCCioueWltZy5jb22CEyoueW91Y2FyZC55YWhvby5jb22CFCoueXFsLm5l
d3MueWFob28uY29tghZhYnVtZWRpYS55cWwueWFob28uY29tghZhdS5saWZlc3R5
bGUueWFob28uY29tghAqLm5ld3MueWFob28uY29tghNhdS5zcG9ydHMueWFob28u
Y29tghxiZS10b29scy50dy5zcG9ydHMueWFob28uY29tghZoay5jZWxlYnJpdHku
eWFob28ubmV0ghdoay5lbWFya2V0aW5nLnlhaG9vLm5ldIIUaGsuZXNwb3J0cy55
YWhvby5jb22CFmhrLmxpZmVzdHlsZS55YWhvby5uZXSCFmhrLnByb21vdGlvbi55
YWhvby5uZXSCF2hrLnByb21vdGlvbnMueWFob28uY29tghdoay5wcm9tb3Rpb25z
LnlhaG9vLm5ldIIYKi5yZC5jb21wYW5pb24ueWFob28uY29tgg4qLnJkLnlhaG9v
LmNvbYIXaGsucmVhbGVzdGF0ZS55YWhvby5uZXSCEioudHJlbmRyLnlhaG9vLmNv
bYIRcmVhbDEuaGsueWltZy5jb22CG3R3LmNhbXBhaWduLm1vbmV5LnlhaG9vLmNv
bYITKi5jaGFyaXR5LnlhaG9vLmNvbYIZdHcuZWRpdC5maW5hbmNlLnlhaG9vLmNv
bYIZdHcuZWRpdC5saXN0aW5nLnlhaG9vLmNvbYIXdHcuZW1hcmtldGluZy55YWhv
by5jb22CFHR3LmVzcG9ydHMueWFob28uY29tghMqLmZpbmFuY2UueWFob28uY29t
ghd0dy5pbWFnZS5uZXdzLnlhaG9vLmNvbYIcdHcubGlua3Nwb3Quc2VhcmNoLnlh
aG9vLmNvbYIRdHcubGl2ZS55YWhvby5jb22CESoubW9uZXkueWFob28uY29tghF0
dy5uZXdzMi55aW1nLmNvbYIcdHcucGF5bWVudC5jaGFyaXR5LnlhaG9vLmNvbYIa
dHcucXVvdGUuZmluYW5jZS55YWhvby5uZXSCHXR3LnNhbGVzLmVtYXJrZXRpbmcu
eWFob28uY29tgh10dy5zY3JlZW5lci5maW5hbmNlLnlhaG9vLm5ldIIRKi5zdG9j
ay55YWhvby5jb22CJHR3LnN0b2NrYXBwLXN0cmluZy5maW5hbmNlLnlhaG9vLm5l
dIIbdHcuc3lzdGV4LmZpbmFuY2UueWFob28ubmV0ghN0dy52My5uZXdzLnlpbWcu
Y29tght0dy55c20uZW1hcmtldGluZy55YWhvby5jb22CDHlhaG9vLmNvbS5oa4IM
eWFob28uY29tLnR3ghEqLm1lZGlhLnlhaG9vLmNvbYIOKi5lbmdhZGdldC5jb22C
EioubWFrZXJzLnlhaG9vLmNvbYITKi5hbnN3ZXJzLnlhaG9vLmNvbYIVKi5rbm93
bGVkZ2UueWFob28uY29tgg4qLmVjLnlhaG9vLmNvbYITKi51c2VkY2FyLnlhaG9v
LmNvbYIPKi5iaWQueWFob28uY29tghAqLm1hbGwueWFob28uY29tgg8qLmJ1eS55
YWhvby5jb22CCHlzaG9wLnR3ggl5c3RvcmUudHeCB3liaWQudHeCF29uZWVjLnBh
YXMuZWMueWFob28uY29tghUqLnRucy5uZXZlYy55YWhvby5jb22CESoubmV2ZWMu
eWFob28uY29tgg4qLmJjLnlhaG9vLmNvbYITbS50dy5tYWxsLnlhaG9vLmNvbYIW
dHcudXNlci5tYWxsLnlhaG9vLmNvbYIUdHcuc2MubWFsbC55YWhvby5jb22CE3R3
LnBvaW50cy55YWhvby5jb22CEnR3LnByb21vLnlhaG9vLmNvbYIXdHcuZWRtYmMu
bWFsbC55YWhvby5jb22CFXR3LnJjdi5tYWxsLnlhaG9vLmNvbYIadHcuYW5hbHl0
aWNzLmJ1eS55YWhvby5jb22CG3R3LmFuYWx5dGljcy5tYWxsLnlhaG9vLmNvbYIS
Ki5idXkueWFob28uY29tLnR3ghAqLmNtcC5wNHBuZXQubmV0ghMqLmNtcC5zaHAu
eWFob28uY29tghMqLmx0bS5idXkueWFob28uY29tghcqLm9wZXJhdGUuYnV5Lnlh
aG9vLmNvbYIYdHcucGFydG5lci5idXkueWFob28uY29tghB0dy5wdG5yLnlpbWcu
Y29tghtwYXJ0bmVyLnByLmJ1eS55YWhvby5jb20udHeCGCouY2FtcGFpZ24uYmlk
LnlhaG9vLmNvbYIZKi5hbmFseXRpY3MuYmlkLnlhaG9vLmNvbYIVKi5wcm9tby5i
aWQueWFob28uY29tgg8qLnNocC55YWhvby5jb22CEioudHcuYnV5LnlhaG9vLmNv
bYIUKi5tZXJjaGFudC55YWhvby5jb22CFCouc3VwcGxpZXIueWFob28uY29tMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYD
VR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEt
c2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3No
YTItaGEtc2VydmVyLWc2LmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsG
AQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYMGCCsGAQUFBwEB
BHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsG
AQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEy
SGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB
1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBEo/g2trQgDjH2E4Ke79Cn
6d4YEfhJRr3Q0QHZW661Wd6LPDkMjxPKo+k9HER6KM/xMlXHnRdW7vJwboKYwyPN
62R4VjheE/tJRWbX3Ly4lkYJzz4hNbfJhm000/vzyQAVh3LqAHZvg5VAornqWWhQ
ANYXrmwpCx3oMThJPvzN1bZ0Qg+r6O1qChL+H2qbSUI2SM8epTfw53ibXe3bpP56
TJiEAYkGKMY3ZLxnN5T7T3wQMOwwg5f3gHfIYHhfCW7z0PAcLAfhL8k2Q7KfFIdi
aR2rqfNAAfzSN7IbZZ4dZ/Skjf+c1FYS8V1iR3g9fOYfgIfyIfAjV+oBc0gu9+Kf
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBDUvvSo+lv4MM4uO8qe
5yaLg/GBQltUYLh6EiW1xTaHpJRSH2+VUjPECd5tUMrXDh8crk6nuxAbRrKBMsu0
HA790PfidA7m/hQUkfocrc37hZOi8a9MtSV0Zf2FnwmS0xoittfBVgUbygJFPtnf
Ii2xIwK5EpbQdGDM+YqnJ6T4ziotviEiIN6zTaLWmUgfN0y++JlTSn/XFrtnwwdH
LttyTRDphJLhOlKEBPIaASW+ZljWFgY5RloYYT9NVVY2R9merMcTKwKaW1o8793f
5AzQuXfXcOOT9vr3A2+6/fBnHhy8VC30Jtkbgh9/yWenUZ7gtB6IuSaVnjxQde0e
EQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5518023376294358652174256191118521856
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sunnyvale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oath Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.abumedia.yahoo.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18186615609655298331388003317984249049031493218145941889732466541986313686909881506994942202951310542079981155063627938867289416699331357061176663015549397577120896205222459022515723860156754711328574651491109172465418243234446199621365967853827383897513653550373911421872602479772545520734535397396136674464655641406993373304800608471996516345061213650351631997074846357410247869170615090016193836712325687008877930237432192634775774202772161278131843353939401019200981033932101055123335749590896104911563925859767752334928046187948609777509109186119979886102092441183270054616977275383330402162641081324646620274193
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0e780bc6d98c899b9e69b553d7b2944c879d0ab5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.abumedia.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.abumedia.yql.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.udb.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.campaign.yahoo.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.campaign.yahoo.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.m.tw.campaign.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.real-hk.yimg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.smartr.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tv.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tw.campaign.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tw.campaign.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.user-preference.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.video.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yahoo.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yahoo.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yimg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.youcard.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yql.news.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abumedia.yql.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'au.lifestyle.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.news.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'au.sports.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'be-tools.tw.sports.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.celebrity.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.emarketing.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.esports.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.lifestyle.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.promotion.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.promotions.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.promotions.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rd.companion.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rd.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hk.realestate.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.trendr.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'real1.hk.yimg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.campaign.money.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.charity.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.edit.finance.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.edit.listing.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.emarketing.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.esports.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.finance.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.image.news.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.linkspot.search.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.live.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.money.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.news2.yimg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.payment.charity.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.quote.finance.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.sales.emarketing.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.screener.finance.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stock.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.stockapp-string.finance.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.systex.finance.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.v3.news.yimg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.ysm.emarketing.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yahoo.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yahoo.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.media.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engadget.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.makers.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.answers.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.knowledge.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ec.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.usedcar.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bid.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.buy.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yshop.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ystore.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ybid.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oneec.paas.ec.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tns.nevec.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nevec.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bc.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.tw.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.user.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.sc.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.points.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.promo.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.edmbc.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.rcv.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.analytics.buy.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.analytics.mall.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.buy.yahoo.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cmp.p4pnet.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cmp.shp.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ltm.buy.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.operate.buy.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.partner.buy.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tw.ptnr.yimg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partner.pr.buy.yahoo.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.campaign.bid.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.analytics.bid.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.promo.bid.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shp.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tw.buy.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.merchant.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.supplier.yahoo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0044a3f836b6b4200e31f613829eefd0a7e9de1811f84946bdd0d101d95baeb559de8b3c390c8f13caa3e93d1c447a28cff13255c79d1756eef2706e8298c323cdeb647856385e13fb494566d7dcbcb8964609cf3e2135b7c9866d34d3fbf3c900158772ea00766f839540a2b9ea59685000d617ae6c290b1de83138493efccdd5b674420fabe8ed6a0a12fe1f6a9b49423648cf1ea537f0e7789b5deddba4fe7a4c988401890628c63764bc673794fb4f7c1030ec308397f78077c860785f096ef3d0f01c2c07e12fc93643b29f148762691daba9f34001fcd237b21b659e1d67f4a48dff9cd45612f15d6247783d7ce61f8087f221f02357ea0173482ef7e29f