*.previews.dropboxusercontent.com

- Dropbox, Inc -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 03:d8:bc:03:73:93:c9:a5:cf:3a:aa:03:34:6a:e8:82 was issued on by DigiCert Inc.

With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Dropbox, Inc

Organization: Dropbox, Inc
State / Province: California
Locality: San Francisco
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:d8:bc:03:73:93:c9:a5:cf:3a:aa:03:34:6a:e8:82
Serial Number (int): 5113033475257684922553020049863141506
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: da:62:63:24:e1:f0:99:8c:88:7c:91:13:2f:c3:01:36:0b:aa:ec:69
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): 2c:ea:d8:28:8a:05:8d:09:f9:dd:8f:27:d4:1b:2b:8a:b3:d7:af:d2
Fingerprint (sha256): a8:66:e8:f9:16:31:0a:49:26:2d:c3:42:67:7d:5f:51:f6:3a:3e:1a:f0:79:78:93:cf:c2:82:4b:8c:a2:54:25

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate *.previews.dropboxusercontent.com

14

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.previews.dropboxusercontent.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.previews.dropboxusercontent.com
previews.dropboxusercontent.com
photos-1.dropbox.com
photos-2.dropbox.com
photos-3.dropbox.com
photos-4.dropbox.com
photos-5.dropbox.com
photos-6.dropbox.com
previews.dropbox.com
api-content.dropbox.com
api-content-photos.dropbox.com
photos-thumb.dropbox.com
photos-thumb-origin.dropbox.com
content.dropboxapi.com

Other certificates including the domain name dropboxusercontent.com

(limited to 100 certificates)
dl.dropboxusercontent.com
dl.dropboxusercontent.com
*.dev.corp.dropbox.com
*.previews.dropboxusercontent.com
*.previews.dropboxusercontent.com
*.dl.dropboxusercontent.com
paper-hackpad-attachments.dropbox.com
*.previews.dropboxusercontent.com
*.dev.corp.dropboxusercontent.com
*.processing.dropboxusercontent.com
paper-eu-attachments.dropbox.com
dl.dropboxusercontent.com
paper-attachments.dropbox.com
*.previews.dropboxusercontent.com
*.dl.dropboxusercontent.com
*.dl.dev.corp.dropboxusercontent.com
dl.dropboxusercontent.com
*.dev.corp.dropboxusercontent.com
dl.dropbox.com
*.previews.dropboxusercontent.com
paper-nonprod-attachments.dropbox.com
*.dl.dev.corp.dropboxusercontent.com
*.dev.corp.dropboxstatic.com
*.dl.dropboxusercontent.com
paper-attachments.dropbox.com
paper-nonprod-attachments.dropbox.com
paper-audio-attachments.dropbox.com
*.previews.dropboxusercontent.com
*.previews.dropboxusercontent.com
paper-hackpad-attachments.dropbox.com
paper-hackpad-attachments.dropbox.com
paper-nonprod-attachments.dropbox.com
*.processing.dropboxusercontent.com
dl.dropbox.com
*.dl.dropboxusercontent.com
*.dl.dropboxusercontent.com
*.dl.dropboxusercontent.com
*.dev.corp.dropbox.com
dl.dropboxusercontent.com
*.previews.dropboxusercontent.com
*.dev.corp.dropbox.com
*.dev.corp.dropbox.com
dl.dropboxusercontent.com
*.previews.dropboxusercontent.com
paper-attachments.dropbox.com
gdd.clouddocs.dropboxusercontent.com
*.previews.dropboxusercontent.com
*.dropboxusercontent.com
paper-hackpad-attachments.dropbox.com
*.previews.dropboxusercontent.com
*.dev.corp.dropbox.com
*.previews.dropboxusercontent.com
*.dl.dropboxusercontent.com
*.dev.corp.dropbox.com
*.dropboxusercontent.com
dl.dropbox.com
paper-attachments.dropbox.com
*.processing.dropboxusercontent.com
*.dl.dropboxusercontent.com
paper-eu-attachments.dropbox.com
*.dl.dropboxusercontent.com
*.previews.dropboxusercontent.com
paper-eu-attachments.dropbox.com
paper-eu-attachments.dropbox.com
paper-nonprod-audio-attachments.dropbox.com
*.dev.corp.dropboxstatic.com
dl-doc.dropbox.com
paper-nonprod-attachments.dropbox.com
dl.dropbox.com
*.dev.corp.dropboxusercontent.com

Certificate

The complete raw certificate details for *.previews.dropboxusercontent.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG3zCCBcegAwIBAgIQA9i8A3OTyaXPOqoDNGrogjANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMw
OTIxMDAwMDAwWhcNMjQxMDIxMjM1OTU5WjB9MQswCQYDVQQGEwJVUzETMBEGA1UE
CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEVMBMGA1UEChMM
RHJvcGJveCwgSW5jMSowKAYDVQQDDCEqLnByZXZpZXdzLmRyb3Bib3h1c2VyY29u
dGVudC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAMd+cAaEq
Ca0Q7II4POmxW5QDxJZKCcKEAod81u2Ws6SHxhuJn9Ue0ZDzs3hTLiZcVZdCZ49J
UGJtJIhKTAjOe6WZegCEv/q/55MnumC29vnmDiXvuzm+jGHZgkFhl0lnDpp7t4sl
AkSIOl6fhSZlrzYXR2AKGWLNif7PAta3mIVS8aAim5T8OJXSbHOgpsaWRUN1PS/c
movLsSUkCmPuuzDEvhJBuswPRgKgSZ19LJGrCR3dn+M+1pIKHfw0U3guHn39KGpU
YgGKoD08nt6a9XerWCi5evdKTx5vl6iZCYYr3rd6ITWnUXK6rDk9GvtonLekMzO9
PCsoeEcRsGDHAgMBAAGjggN9MIIDeTAfBgNVHSMEGDAWgBR0hYDAZsffN97PvSk3
qgMdvu3NFzAdBgNVHQ4EFgQU2mJjJOHwmYyIfJETL8MBNguq7GkwggF3BgNVHREE
ggFuMIIBaoIhKi5wcmV2aWV3cy5kcm9wYm94dXNlcmNvbnRlbnQuY29tgh9wcmV2
aWV3cy5kcm9wYm94dXNlcmNvbnRlbnQuY29tghRwaG90b3MtMS5kcm9wYm94LmNv
bYIUcGhvdG9zLTIuZHJvcGJveC5jb22CFHBob3Rvcy0zLmRyb3Bib3guY29tghRw
aG90b3MtNC5kcm9wYm94LmNvbYIUcGhvdG9zLTUuZHJvcGJveC5jb22CFHBob3Rv
cy02LmRyb3Bib3guY29tghRwcmV2aWV3cy5kcm9wYm94LmNvbYIXYXBpLWNvbnRl
bnQuZHJvcGJveC5jb22CHmFwaS1jb250ZW50LXBob3Rvcy5kcm9wYm94LmNvbYIY
cGhvdG9zLXRodW1iLmRyb3Bib3guY29tgh9waG90b3MtdGh1bWItb3JpZ2luLmRy
b3Bib3guY29tghZjb250ZW50LmRyb3Bib3hhcGkuY29tMD4GA1UdIAQ3MDUwMwYG
Z4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9E
aWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDBIoEagRIZC
aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FT
SEEyNTYyMDIwQ0ExLTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGG
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2Nh
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYy
MDIwQ0ExLTEuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAw
DQYJKoZIhvcNAQELBQADggEBAAIUehjsISKRBHuO/SgH0T474/pAen7esWaMsRWs
ikFSojQSQmPzjdPiJem8mYChZYcsmOKEAruERIc0bqJvwU94nln697Y6SlMZ6PKI
trBC6I63Y5ee7Y8SuFRFjhC2v2JB6ls+il3IfIKUUoyEVSMqSK1b+GahI91r7BNR
cdNOKDGz4kJ3rIFgt56yaKpMJQGddSJbm32Ao/GvmWQEhGuCWxkymNQB0UlrsDFN
dAdRWRS7+G9F+1MyiIR6JulQ15WB11LQ9+4AgDhUCAZiR+KdNmhNKvB6axi9QoF+
gp3WTWSs4jWC8OKEZf5zL2d9e9vxHQjIDendzSe+60Tk/tQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDHfnAGhKgmtEOyCODzp
sVuUA8SWSgnChAKHfNbtlrOkh8YbiZ/VHtGQ87N4Uy4mXFWXQmePSVBibSSISkwI
znulmXoAhL/6v+eTJ7pgtvb55g4l77s5voxh2YJBYZdJZw6ae7eLJQJEiDpen4Um
Za82F0dgChlizYn+zwLWt5iFUvGgIpuU/DiV0mxzoKbGlkVDdT0v3JqLy7ElJApj
7rswxL4SQbrMD0YCoEmdfSyRqwkd3Z/jPtaSCh38NFN4Lh59/ShqVGIBiqA9PJ7e
mvV3q1gouXr3Sk8eb5eomQmGK963eiE1p1Fyuqw5PRr7aJy3pDMzvTwrKHhHEbBg
xwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5113033475257684922553020049863141506
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Dropbox, Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.previews.dropboxusercontent.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24262348080233555540414549011298391193745703519970437449148450138977999686455638444383946622740382042821253769251055675343741019989709066054204398197316407410995252927938454249053760179485965753134491178382662824788888233012058651407348920227554652711070212933583692498479789755696145154247190023380628347397912199045104581878522376595338426526403991396171248833813890678599874280286501163445577362819834801532773988290219039814801447219547364094344678798182950207826603234558168902178371651905105440588162429414825793310885862884741186994911534697263071875788077192874692755801039590323081133323417225396270400561351
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							da626324e1f0998c887c91132fc301360baaec69
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.previews.dropboxusercontent.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'previews.dropboxusercontent.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-1.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-2.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-3.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-4.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-5.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-6.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'previews.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-content.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-content-photos.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-thumb.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-thumb-origin.dropbox.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'content.dropboxapi.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0002147a18ec212291047b8efd2807d13e3be3fa407a7edeb1668cb115ac8a4152a234124263f38dd3e225e9bc9980a165872c98e28402bb844487346ea26fc14f789e59faf7b63a4a5319e8f288b6b042e88eb763979eed8f12b854458e10b6bf6241ea5b3e8a5dc87c8294528c8455232a48ad5bf866a123dd6bec135171d34e2831b3e24277ac8160b79eb268aa4c25019d75225b9b7d80a3f1af996404846b825b193298d401d1496bb0314d7407515914bbf86f45fb533288847a26e950d79581d752d0f7ee0080385408066247e29d36684d2af07a6b18bd42817e829dd64d64ace23582f0e28465fe732f677d7bdbf11d08c80de9ddcd27beeb44e4fed4