tokendecrypting.kaccess.kdev.services
- KPMG LLP -
Issued by DigiCert Global CA G2
About this certificate
This digital certificate with serial number 01:f6:57:74:99:ab:98:30:77:b1:fc:14:d5:cd:84:b9 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
KPMG LLP
Organization:
KPMG LLP
Organization unit: IT Services
Organization unit: IT Services
Locality:
London
Country: GB
Country: GB
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:f6:57:74:99:ab:98:30:77:b1:fc:14:d5:cd:84:b9Serial Number (int): 2608306830645504331106314174933599417
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: ca:7c:e1:ce:66:d3:24:18:27:78:bd:71:bb:c6:e4:f4:d3:ad:2a:de
AuthorityKeyId: 24:6e:2b:2d:d0:6a:92:51:51:25:69:01:aa:9a:47:a6:89:e7:40:20
Fingerprint (sha1): 18:1c:e6:ac:bd:ef:de:c7:41:75:07:0e:82:27:14:52:bf:98:b7:13
Fingerprint (sha256): b1:6d:fa:67:fe:32:44:79:90:48:d6:8a:25:4e:75:ab:f7:ea:1d:ca:d0:f9:ce:57:23:c1:c7:5a:bc:9c:f7:5b
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalCAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalCAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalCAG2.crl
Check the revocation status for certificate tokendecrypting.kaccess.kdev.services
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tokendecrypting.kaccess.kdev.services
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tokendecrypting.kaccess.kdev.services
Other certificates including the domain name kdev.services
(limited to 100 certificates)
imi.kdev.services
imi-uatreporting.kdev.services
fts004.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
apicp001.kdev.services
officewebapps.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
imi.kdev.services
fed02.kaccess.kdev.services
dp001.kdev.services
search.kpmg.kdev.services
tokensigning.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
sites.kpmg.kdev.services
collab.kpmg.kdev.services
sbsites.kpmg.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
search.kpmg.kdev.services
tokensigning02.kaccess.kdev.services
collab.kpmg.kdev.services
tokendecrypting.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
officewebapps.kpmg.kdev.services
fed02.kaccess.kdev.services
search.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
search.kpmg.kdev.services
tokendecrypting02.kaccess.kdev.services
collab.kpmg.kdev.services
tokensigning.kacess.kdev.services
me-ema.staging.kpmg.com
me-staging.kpmg.com
collab.kpmg.kdev.services
uatdealcom.kdev.services
me-ema.staging.kpmg.com
imi-uatreporting.kdev.services
fts004.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
apicp001.kdev.services
officewebapps.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
imi.kdev.services
fed02.kaccess.kdev.services
dp001.kdev.services
search.kpmg.kdev.services
tokensigning.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
sites.kpmg.kdev.services
collab.kpmg.kdev.services
sbsites.kpmg.kdev.services
fed01.kaccess.kdev.services
sites.kpmg.kdev.services
search.kpmg.kdev.services
tokensigning02.kaccess.kdev.services
collab.kpmg.kdev.services
tokendecrypting.kaccess.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
officewebapps.kpmg.kdev.services
fed02.kaccess.kdev.services
search.kpmg.kdev.services
kpmgcollab.kpmg.kdev.services
officewebapps.kpmg.kdev.services
search.kpmg.kdev.services
tokendecrypting02.kaccess.kdev.services
collab.kpmg.kdev.services
tokensigning.kacess.kdev.services
me-ema.staging.kpmg.com
me-staging.kpmg.com
collab.kpmg.kdev.services
uatdealcom.kdev.services
me-ema.staging.kpmg.com
Certificate
The complete raw certificate details for tokendecrypting.kaccess.kdev.services in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgIQAfZXdJmrmDB3sfwU1c2EuTANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTgwOTA1MDAwMDAwWhcNMjAwOTA0MTIw MDAwWjB3MQswCQYDVQQGEwJHQjEPMA0GA1UEBxMGTG9uZG9uMREwDwYDVQQKEwhL UE1HIExMUDEUMBIGA1UECxMLSVQgU2VydmljZXMxLjAsBgNVBAMTJXRva2VuZGVj cnlwdGluZy5rYWNjZXNzLmtkZXYuc2VydmljZXMwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDUZCXmythWi4hgYc2FkkiDhr3m6rUWi3SiOdD2ruDecsKA bg33Vo1R1FqG2Ng7HkFtW0g2ruoeHIb/vfnhHx6yMkXNql6xnourZ/8g4E1QVBoR ARooiM48Ijxt9xyglQglJ7533zni3HgldDQD+cHZVQQ7Mn4U+jOGQAwmT21bAG44 JBaifZBGNL6iQM+mi1/BzxPy+v9JNHKd0ZRvMhqJa1VmKi2bAWlpxjbw0rSZezl6 KJcj/TiMkBtTt6zch8IQKYPektRjUgsvzdrzZCl2mN8VG4jhCRo1v0DplEOhuAL1 MxziqVgBoSnjaYiawIKqGYBF72y+rz2/0ig3b0jxAgMBAAGjggICMIIB/jAfBgNV HSMEGDAWgBQkbist0GqSUVElaQGqmkemiedAIDAdBgNVHQ4EFgQUynzhzmbTJBgn eL1xu8bk9NOtKt4wMAYDVR0RBCkwJ4IldG9rZW5kZWNyeXB0aW5nLmthY2Nlc3Mu a2Rldi5zZXJ2aWNlczAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMHcGA1UdHwRwMG4wNaAzoDGGL2h0dHA6Ly9jcmwzLmRpZ2lj ZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbENBRzIuY3JsMDWgM6Axhi9odHRwOi8vY3Js NC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDBMBgNVHSAERTBD MDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy dC5jb20vQ1BTMAgGBmeBDAECAjB0BggrBgEFBQcBAQRoMGYwJAYIKwYBBQUHMAGG GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2Nh Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsQ0FHMi5jcnQwCQYDVR0T BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs1+d Kwb3b57aGNqBrj4yS5lYkP8n+laj/X5fgL1xul5mOpf58auabhCiWxDI3AsKQeHZ HkRpOxqKKDKt86FjSzFBPigVZoD1+0jEJicOVzVDgFpSTKbhDHPr0HBcUASjgUn4 aYpA5rvkDrGpiVADfEExpOUW1IinMgHdBIVyNb1y/ODX7wLI//883mupjfquXWhj cngsdowz81tUZUDHDOnO83VLESCFbBFQ9piL6M5vLsctpm5x8nkMWGzk9OdCi4WT IaFIPE1arUCnDH89W90vxoILHw+j2sira4yvea6MybgAHqMm4slmZ127vln35BMp AxlyTOPomlYbwLooZw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GQl5srYVouIYGHNhZJI g4a95uq1Fot0ojnQ9q7g3nLCgG4N91aNUdRahtjYOx5BbVtINq7qHhyG/7354R8e sjJFzapesZ6Lq2f/IOBNUFQaEQEaKIjOPCI8bfccoJUIJSe+d9854tx4JXQ0A/nB 2VUEOzJ+FPozhkAMJk9tWwBuOCQWon2QRjS+okDPpotfwc8T8vr/STRyndGUbzIa iWtVZiotmwFpacY28NK0mXs5eiiXI/04jJAbU7es3IfCECmD3pLUY1ILL83a82Qp dpjfFRuI4QkaNb9A6ZRDobgC9TMc4qlYAaEp42mImsCCqhmARe9svq89v9IoN29I 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2608306830645504331106314174933599417 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KPMG LLP' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tokendecrypting.kaccess.kdev.services' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26811905498269073236949221873972642448387350405872757883118677979061436373645579776637689147935148913170359807496684766097663808530142660281501160856519908919992279332264475436475588444977645839977444134446908216666260089497592103096339459602045597762263601715708407392434664065521019976575142328680201433417524283182462848352154159560561157533981704744698672324044038305317595109950689918833479249798836544158121395005597388892285080110877733604134115488254710319838610496605901909163577469100027577256693216178099521599366970712089698408194499156269703587633861865364937830379011915209823086081807879447029440530673 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 246e2b2dd06a925151256901aa9a47a689e74020 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ca7ce1ce66d324182778bd71bbc6e4f4d3ad2ade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokendecrypting.kaccess.kdev.services' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalCAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b35f9d2b06f76f9eda18da81ae3e324b995890ff27fa56a3fd7e5f80bd71ba5e663a97f9f1ab9a6e10a25b10c8dc0b0a41e1d91e44693b1a8a2832adf3a1634b31413e28156680f5fb48c426270e573543805a524ca6e10c73ebd0705c5004a38149f8698a40e6bbe40eb1a98950037c4131a4e516d488a73201dd04857235bd72fce0d7ef02c8ffff3cde6ba98dfaae5d686372782c768c33f35b546540c70ce9cef3754b1120856c1150f6988be8ce6f2ec72da66e71f2790c586ce4f4e7428b859321a1483c4d5aad40a70c7f3d5bdd2fc6820b1f0fa3dac8ab6b8caf79ae8cc9b8001ea326e2c966675dbbbe59f7e413290319724ce3e89a561bc0ba2867