www.gov.uk
- Government Digital Service -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 0c:4b:cf:76:cf:74:64:3f:75:b7:2c:93:13:72:29:28 was issued on by DigiCert Inc.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- 1 DNS name(s) are bare public suffixes: gov.uk The domain SHOULD NOT have a bare public suffix (awslabs certlint)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Government Digital Service
Organization:
Government Digital Service
State / Province:
England
Locality: London
Country: GB
Locality: London
Country: GB
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:4b:cf:76:cf:74:64:3f:75:b7:2c:93:13:72:29:28Serial Number (int): 16344366085724340961324252319150385448
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 20:49:68:b9:61:5a:d7:93:a2:2f:16:32:44:63:21:2b:36:d2:95:1e
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 91:7c:29:18:f4:82:29:83:61:0f:1c:0b:3b:c6:0e:0b:fc:d5:07:18
Fingerprint (sha256): c0:eb:30:aa:17:ec:ce:25:0f:db:ec:3e:99:26:13:a6:b8:ab:50:a5:b7:39:7c:0d:a9:f5:74:83:da:ec:6e:cf
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g4.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g4.crl
Check the revocation status for certificate www.gov.uk
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.gov.uk
assets.digital.cabinet-office.gov.uk
*.businesslink.gov.uk
*.direct.gov.uk
gov.uk
*.production.alphagov.co.uk
*.preview.alphagov.co.uk
assets.digital.cabinet-office.gov.uk
*.businesslink.gov.uk
*.direct.gov.uk
gov.uk
*.production.alphagov.co.uk
*.preview.alphagov.co.uk
Other certificates including the domain name www.gov.uk
(limited to 100 certificates)
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
Certificate
The complete raw certificate details for www.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFzzCCBLegAwIBAgIQDEvPds90ZD91tyyTE3IpKDANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xNDA5MDMwMDAwMDBaFw0xNTExMDMxMjAwMDBa MGoxCzAJBgNVBAYTAkdCMRAwDgYDVQQIEwdFbmdsYW5kMQ8wDQYDVQQHEwZMb25k b24xIzAhBgNVBAoTGkdvdmVybm1lbnQgRGlnaXRhbCBTZXJ2aWNlMRMwEQYDVQQD Ewp3d3cuZ292LnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA9J 116MybCDxT5SMPdnW3OlfwLRYkhvR3i9OIBLOW02lPZzORmu3l9zZkT5Fd0oMwsZ 9dzOAsPEb0aW6Ue7MVIyybvvrb8ZH56VkwSy7SZtYm6EEUSkxqfkCS1//tDnqFtl IuywE2hw1gZqxPQD3odZNgq0tNTGYgByVinUMO9rM5W3nZQDy5/S7jNNP1RDmkIx svU24hJczLiENgbnFvmlUs2hCo/e2OLy6Rn8eeP7S7XTDLbUapMlZh5o5F8XYZXV Y7gaB/hRcRuYcyr9zLFcA0SXP1qP+P19NKXszGErkA64XcZ+h3SVLFfuftGcCtuT uo/L6XpGk9Z3JuTbowIDAQABo4ICaTCCAmUwHwYDVR0jBBgwFoAUUWj/kK8CB3U8 zNllZGKiErhZcjswHQYDVR0OBBYEFCBJaLlhWteToi8WMkRjISs20pUeMIGkBgNV HREEgZwwgZmCCnd3dy5nb3YudWuCJGFzc2V0cy5kaWdpdGFsLmNhYmluZXQtb2Zm aWNlLmdvdi51a4IVKi5idXNpbmVzc2xpbmsuZ292LnVrgg8qLmRpcmVjdC5nb3Yu dWuCBmdvdi51a4IbKi5wcm9kdWN0aW9uLmFscGhhZ292LmNvLnVrghgqLnByZXZp ZXcuYWxwaGFnb3YuY28udWswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5k aWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzQuY3JsMDSgMqAwhi5odHRwOi8v Y3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzQuY3JsMEIGA1UdIAQ7 MDkwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj ZXJ0LmNvbS9DUFMwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5k aWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNy dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQA2g/4jE3vBpNwW1bMY kqiyJ73AA4IRFaZh8lZXrsZ3tkBRMGV6BEeL4+VR9k2xYX3PPDGSWX9vsgvtHwI3 VLfOs1gNel9Z34KNRyxEmObHkACdK68Y/R79RchbwgU/rgUNayGynWkGWdxwmoP+ cod4X8Or1rBroPa10gqug2T0Hn9s3TWGIl9XuMIMnfObJu05V+IYY9FvToIg907o p9NaOxWj/Xz2qBMB3/BTXwNkyGpt9vc3oGIs8IIzblp+wneGkS+tHceRFlmuqEhq HmONECzZnbO+wrnjv274DSIUyz8EOirbDn1UVBm+45iiQ6ljLcCxmpdfGn512v7/ /slM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA9J116MybCDxT5SMPdn W3OlfwLRYkhvR3i9OIBLOW02lPZzORmu3l9zZkT5Fd0oMwsZ9dzOAsPEb0aW6Ue7 MVIyybvvrb8ZH56VkwSy7SZtYm6EEUSkxqfkCS1//tDnqFtlIuywE2hw1gZqxPQD 3odZNgq0tNTGYgByVinUMO9rM5W3nZQDy5/S7jNNP1RDmkIxsvU24hJczLiENgbn FvmlUs2hCo/e2OLy6Rn8eeP7S7XTDLbUapMlZh5o5F8XYZXVY7gaB/hRcRuYcyr9 zLFcA0SXP1qP+P19NKXszGErkA64XcZ+h3SVLFfuftGcCtuTuo/L6XpGk9Z3JuTb owIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16344366085724340961324252319150385448 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-09-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-03 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'England' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Digital Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22730433905882584952439420306205359578746920985844507892300190098867691674408969023103355621692317701001356909101512846751930623268142732893788109050490770355655150095074669685612031411069528214851151694765743184054853453742853241394438835641395817416516571531553026201852460998123158365227992297002635584982275588204133708755910394571662764112275511856953852867549395231325258865948059603984277595206704160355624112263012764717057837867282572175303737496824414842990219575035154943831914773326342929497662010712835910236780931385028339827626219687498651270454935582112178017175903923921767789399798700283846973512611 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 204968b9615ad793a22f16324463212b36d2951e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (156 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.digital.cabinet-office.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.businesslink.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.direct.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.production.alphagov.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preview.alphagov.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003683fe23137bc1a4dc16d5b31892a8b227bdc003821115a661f25657aec677b6405130657a04478be3e551f64db1617dcf3c3192597f6fb20bed1f023754b7ceb3580d7a5f59df828d472c4498e6c790009d2baf18fd1efd45c85bc2053fae050d6b21b29d690659dc709a83fe7287785fc3abd6b06ba0f6b5d20aae8364f41e7f6cdd3586225f57b8c20c9df39b26ed3957e21863d16f4e8220f74ee8a7d35a3b15a3fd7cf6a81301dff0535f0364c86a6df6f737a0622cf082336e5a7ec27786912fad1dc7911659aea8486a1e638d102cd99db3bec2b9e3bf6ef80d2214cb3f043a2adb0e7d545419bee398a243a9632dc0b19a975f1a7e75dafefffec94c