*.palaexpo.it

- Azienda Speciale Palaexpo -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 04:3c:4e:6f:10:44:28:06:24:9b:72:bc:b7:7f:05:ee was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Azienda Speciale Palaexpo

Organization: Azienda Speciale Palaexpo
Locality: Roma
Country: IT

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:3c:4e:6f:10:44:28:06:24:9b:72:bc:b7:7f:05:ee
Serial Number (int): 5630040621961033183814522063009285614
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b0:f1:b1:26:2d:63:9c:98:70:0a:51:56:1f:7d:35:92:e1:c0:e3:b0
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): d1:55:12:10:a2:88:d7:6d:6a:51:d7:a2:f8:e6:94:76:0b:84:8d:cb
Fingerprint (sha256): c7:83:e8:0a:b8:e4:db:22:3c:61:30:79:9c:63:21:a8:90:4c:39:8e:68:27:c4:bb:2e:52:91:6b:c2:8a:18:2f

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate *.palaexpo.it

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.palaexpo.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.palaexpo.it
palaexpo.it
gigafile.palaexpo.it

Other certificates including the domain name palaexpo.it

(limited to 100 certificates)
*.palaexpo.it
*.palaexpo.it
*.palaexpo.it
sip.palaexpo.it
*.palaexpo.it
*.palaexpo.it
*.palaexpo.it
www.palaexpo.it
*.palaexpo.it
*.palaexpo.it
www.palazzoesposizioni.it
*.palaexpo.it
*.palaexpo.it
*.palaexpo.it
www.palaexpo.it
*.palaexpo.it
*.palaexpo.it
sip.palaexpo.it
*.palaexpo.it
*.palaexpo.it
*.palaexpo.it
*.palaexpo.it

Certificate

The complete raw certificate details for *.palaexpo.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGqTCCBZGgAwIBAgIQBDxObxBEKAYkm3K8t38F7jANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNjE4MDAwMDAwWhcN
MjAwNzIyMTIwMDAwWjBYMQswCQYDVQQGEwJJVDENMAsGA1UEBxMEUm9tYTEiMCAG
A1UEChMZQXppZW5kYSBTcGVjaWFsZSBQYWxhZXhwbzEWMBQGA1UEAwwNKi5wYWxh
ZXhwby5pdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKXiPJALsxOA
oYb0Qo9urHxavm9sfIVUKejfZt40sQeJaX3g67aknqsak1+mUw1sUQwdeZsWBRRM
syxSGFdd+FTLJVjD+diHk7xsMN6KxXo6sPWRxBcb6klpXTdJeoczyp9yBXTCbxLq
UMbVIvTYBeOGIF4LHakGbQjmRKI/yyjI7ATXyahccY/eb6t2nk85pbuWGIL4P27A
2SdA3BIkE3KcQgLXXkJnyhaY4gH/CHr2HXX/Hu2McT4a/mBYrxCVNf7tIkVP26K+
ftThfyb6GmDB+yAx6nN6d4Bu7nQX22Rp+cXAmIB6rUZURnZPca68/uL80Snmf5oE
dsuhyYZQhssCAwEAAaOCA3gwggN0MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4
tCzhxtniMB0GA1UdDgQWBBSw8bEmLWOcmHAKUVYffTWS4cDjsDA7BgNVHREENDAy
gg0qLnBhbGFleHBvLml0ggtwYWxhZXhwby5pdIIUZ2lnYWZpbGUucGFsYWV4cG8u
aXQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3Nj
YS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3Nz
Y2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEF
BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYI
KwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j
b20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdp
Q2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisG
AQQB1nkCBAIEggFtBIIBaQFnAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fN
DsgN3BAAAAFkEwcIUgAABAMARzBFAiBji4D8Q48XLICDpGaQu1YJoZ8gpeIFBFzH
Odx71il7fgIhAOK0reBB95FnWyDvwpiu35JRN1XmleqekCaoHGzJ2FkvAHUAh3W/
51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFkEwcJLAAABAMARjBEAiAb
NyFYY566eV9qRilSJXQVidi3A5BhgbHhFzequRkjlwIgZZFA4Qq3Icz2GXzXL8rp
wdzkR12Fy685+facdBi2P7kAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2
jh7RhQAAAWQTBwlEAAAEAwBHMEUCIAGu1YC3k1y+vS/N5hDwM+cbi06Iwiv0BF/Y
/SO4loXNAiEAxifhHumPjJH0N/3IX6L2qNqwlWPMl8NpKSN+HpLukp4wDQYJKoZI
hvcNAQELBQADggEBAD93OIpVOVTU5x8KBdjX5Ccqp3YaZie/QueEPmyVv7I9HMr9
skQkcX5l0XByDW3yJ3chUYkb/pNJ5i0hv2OO0DTcZKXIJDNJpWlJUPA+F5O2hiZv
L+LpajqOp5BRuJ7tYOrjlokNc+Hqv3XV9o7Uy0/tLh8Hse9p6xZQqgQHyZtLAfpQ
Ai9ngHzbmgc+cG2LqaZiJF97z2Sb4UmwLJfBTL6kiGqRvwV49kR6NgjRV/jRnv3H
PdHa/sc8Bk2gW7ZruvTfqwmOBqYjYYf+oI6gMPzb7R9V7DrHzPAgOmrRq2OOvk0e
lIQZVaS53P/PpePlV8la/gjLdPyGzd1qtn3LtNo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeI8kAuzE4ChhvRCj26s
fFq+b2x8hVQp6N9m3jSxB4lpfeDrtqSeqxqTX6ZTDWxRDB15mxYFFEyzLFIYV134
VMslWMP52IeTvGww3orFejqw9ZHEFxvqSWldN0l6hzPKn3IFdMJvEupQxtUi9NgF
44YgXgsdqQZtCOZEoj/LKMjsBNfJqFxxj95vq3aeTzmlu5YYgvg/bsDZJ0DcEiQT
cpxCAtdeQmfKFpjiAf8IevYddf8e7YxxPhr+YFivEJU1/u0iRU/bor5+1OF/Jvoa
YMH7IDHqc3p3gG7udBfbZGn5xcCYgHqtRlRGdk9xrrz+4vzRKeZ/mgR2y6HJhlCG
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5630040621961033183814522063009285614
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Roma'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Azienda Speciale Palaexpo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.palaexpo.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20940881731478483004818429050935617720993509188682929331029997825755803748116460961884404347678670822757115096407260528611849854784157432662417794516183590107573145822619787560558076369279136928704269685643572473146220798323405890727522953913026415561386833651813049261499273393695860879014010626028253690620322417428304054491029803703476032980580328661316841936752003767942263574529837032869558541484725914232385855227612245474039621149868442976517262823465176006106409132956205325295533614271665076593454469902759463838026526314453705193924173381825638687632474219135399966650144799230022347602777394897522252613323
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b0f1b1262d639c98700a51561f7d3592e1c0e3b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.palaexpo.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'palaexpo.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gigafile.palaexpo.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001641307085200000403004730450220638b80fc438f172c8083a46690bb5609a19f20a5e205045cc739dc7bd6297b7e022100e2b4ade041f791675b20efc298aedf92513755e695ea9e9026a81c6cc9d8592f0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001641307092c000004030046304402201b372158639eba795f6a46295225741589d8b703906181b1e11737aab91923970220659140e10ab721ccf6197cd72fcae9c1dce4475d85cbaf39f9f69c7418b63fb9007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000164130709440000040300473045022001aed580b7935cbebd2fcde610f033e71b8b4e88c22bf4045fd8fd23b89685cd022100c627e11ee98f8c91f437fdc85fa2f6a8dab09563cc97c36929237e1e92ee929e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003f77388a553954d4e71f0a05d8d7e4272aa7761a6627bf42e7843e6c95bfb23d1ccafdb24424717e65d170720d6df227772151891bfe9349e62d21bf638ed034dc64a5c8243349a5694950f03e1793b686266f2fe2e96a3a8ea79051b89eed60eae396890d73e1eabf75d5f68ed4cb4fed2e1f07b1ef69eb1650aa0407c99b4b01fa50022f67807cdb9a073e706d8ba9a662245f7bcf649be149b02c97c14cbea4886a91bf0578f6447a3608d157f8d19efdc73dd1dafec73c064da05bb66bbaf4dfab098e06a6236187fea08ea030fcdbed1f55ec3ac7ccf0203a6ad1ab638ebe4d1e94841955a4b9dcffcfa5e3e557c95afe08cb74fc86cddd6ab67dcbb4da