digicert.com
- DigiCert, Inc. -
Issued by DigiCert EV RSA CA G2
About this certificate
This digital certificate with serial number 0b:ae:fd:bd:aa:c0:f5:38:b6:4b:97:ff:58:84:5b:38 was issued on by DigiCert Inc.
With 22 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
DigiCert, Inc.
Company registration number:
5299537-0142
Organization: DigiCert, Inc.
Organization: DigiCert, Inc.
State / Province:
Utah
Locality: Lehi
Country: US
Locality: Lehi
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:ae:fd:bd:aa:c0:f5:38:b6:4b:97:ff:58:84:5b:38Serial Number (int): 15530114083617297130819649395432381240
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ec:2d:79:41:14:39:ca:cb:77:98:cd:7c:d0:66:42:57:ee:b4:0f:30
AuthorityKeyId: 6a:4e:50:bf:98:68:9d:5b:7b:20:75:d4:59:01:79:48:66:92:32:06
Fingerprint (sha1): fe:4c:10:00:60:d8:89:29:72:74:94:28:aa:fb:91:90:7d:e5:75:12
Fingerprint (sha256): c8:2d:70:98:47:41:c3:99:5e:38:e6:48:23:37:16:74:be:58:49:53:6c:3d:bc:c2:1f:41:72:fd:bb:31:58:51
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertEVRSACAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertEVRSACAG2.crl
Check the revocation status for certificate digicert.com
22
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for digicert.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digicert.com
www.digicert.com
content.digicert.com
websecurity.digicert.com
www.websecurity.digicert.com
knowledgehub.digicert.com
kh.digicert.com
knowledge.digicert.com
knowledgebase.digicert.com
kb-internal.digicert.com
thawte.com
www.thawte.com
thawte.de
www.thawte.de
thawte.fr
www.thawte.fr
geotrust.com
www.geotrust.com
rapidssl.com
www.rapidssl.com
freessl.com
www.freessl.com
www.digicert.com
content.digicert.com
websecurity.digicert.com
www.websecurity.digicert.com
knowledgehub.digicert.com
kh.digicert.com
knowledge.digicert.com
knowledgebase.digicert.com
kb-internal.digicert.com
thawte.com
www.thawte.com
thawte.de
www.thawte.de
thawte.fr
www.thawte.fr
geotrust.com
www.geotrust.com
rapidssl.com
www.rapidssl.com
freessl.com
www.freessl.com
Other certificates including the domain name digicert.com
(limited to 100 certificates)
www.digicert.com
Q1LXCLPM02.dev.blu.digicert.com
digicert-rsa4096-root-g5-expired.chain-demos.digicert.com
shoppingguarantee.digicert.com
summit.digicert.com
statuspage.io
www.digicert.com
Q2LXDCTM01.blu.dc.digicert.com
U1WIADSDC01.blu.dc.digicert.com
sabrxdev.corp.dev.blu.digicert.com
DigiCert, Inc.
partnernews.digicert.com
statuspage.io
statuspage.io
www.digicert.com
aem-cloud.corp.prod.blu.digicert.com
statuspage.io
nettest1.int.gw.digicert.com
seal.digicert.com
digicert-ecc-p384-root-g5.chain-demos.digicert.com
smtp.digicert.com
wsus.corp.digicert.com
quovadis-root-ca-3-g3.chain-demos.digicert.com
statuspage.io
global-root-g2.chain-demos.digicert.com
*.ssltools.digicert.com
statuspage.io
statuspage.io
statuspage.io
trusted-root-g4.chain-demos.digicert.com
cybertrust-global-root-revoked.chain-demos.digicert.com
leh.int.gw.digicert.com
sso.websecurity.digicert.com
statuspage.io
quovadis-root-ca-3-revoked.chain-demos.digicert.com
onsiteipsec.pki.digicert.com
statuspage.io
manageengine.corp.digicert.com
statuspage.io
cds3.cvent.com
cybertrust-global-root.chain-demos.digicert.com
repo.slc.digicert.com
ebsdev.corp.dev.blu.digicert.com
smtp.digicert.com
trusted-root-g4-expired.chain-demos.digicert.com
trusted-root-g4.chain-demos.digicert.com
nettest1.int.gw.digicert.com
statuspage.io
statuspage.io
*.chain-demos.digicert.com
statuspage.io
www.digicert.com
assured-id-root-g2.digicert.com
statuspage.io
dub.ext.gw.digicert.com
statuspage.io
statuspage.io
mel2.ext.gw.digicert.com
statuspage.io
www.digicert.com
chain-demos.digicert.com
verizon-global-root-ca.chain-demos.digicert.com
statuspage.io
M2WIADSDC02.mel.dc.digicert.com
updates.digicert.com
trusted-root-g4.digicert.com
admin.digicert.com
*.ct.digicert.com
statuspage.io
clientauth.demo.one.nl.digicert.com
cc-admin.websecurity.digicert.com
ft3-cc-admin.websecurity.digicert.com
cybertrust-global-root.chain-demos.digicert.com
trusted-root-g4-revoked.chain-demos.digicert.com
rancher.blu.digicert.com
one.digicert.com
images.shoppingguarantee.digicert.com
ECA1WIDB01.DCAPROD.DIGICERT.COM
resources.digicert.com
statuspage.io
images.updates.digicert.com
cds3.cvent.com
status-wrapper.digicert.com
statuspage.io
U1WIADSMDC01.dc.digicert.com
statuspage.io
statuspage.io
assured-id-root-g3-expired.chain-demos.digicert.com
LE1WIADSMDC02.corp.digicert.com
smetrics.digicert.com
statuspage.io
intra.digicert.com
assured-id-root-ca.chain-demos.digicert.com
veeam-azure.dc.digicert.com
ev-root.chain-demos.digicert.com
statuspage.io
statuspage.io
lb2.slc.digicert.com
statuspage.io
dataservices.digicert.com
Q1LXCLPM02.dev.blu.digicert.com
digicert-rsa4096-root-g5-expired.chain-demos.digicert.com
shoppingguarantee.digicert.com
summit.digicert.com
statuspage.io
www.digicert.com
Q2LXDCTM01.blu.dc.digicert.com
U1WIADSDC01.blu.dc.digicert.com
sabrxdev.corp.dev.blu.digicert.com
DigiCert, Inc.
partnernews.digicert.com
statuspage.io
statuspage.io
www.digicert.com
aem-cloud.corp.prod.blu.digicert.com
statuspage.io
nettest1.int.gw.digicert.com
seal.digicert.com
digicert-ecc-p384-root-g5.chain-demos.digicert.com
smtp.digicert.com
wsus.corp.digicert.com
quovadis-root-ca-3-g3.chain-demos.digicert.com
statuspage.io
global-root-g2.chain-demos.digicert.com
*.ssltools.digicert.com
statuspage.io
statuspage.io
statuspage.io
trusted-root-g4.chain-demos.digicert.com
cybertrust-global-root-revoked.chain-demos.digicert.com
leh.int.gw.digicert.com
sso.websecurity.digicert.com
statuspage.io
quovadis-root-ca-3-revoked.chain-demos.digicert.com
onsiteipsec.pki.digicert.com
statuspage.io
manageengine.corp.digicert.com
statuspage.io
cds3.cvent.com
cybertrust-global-root.chain-demos.digicert.com
repo.slc.digicert.com
ebsdev.corp.dev.blu.digicert.com
smtp.digicert.com
trusted-root-g4-expired.chain-demos.digicert.com
trusted-root-g4.chain-demos.digicert.com
nettest1.int.gw.digicert.com
statuspage.io
statuspage.io
*.chain-demos.digicert.com
statuspage.io
www.digicert.com
assured-id-root-g2.digicert.com
statuspage.io
dub.ext.gw.digicert.com
statuspage.io
statuspage.io
mel2.ext.gw.digicert.com
statuspage.io
www.digicert.com
chain-demos.digicert.com
verizon-global-root-ca.chain-demos.digicert.com
statuspage.io
M2WIADSDC02.mel.dc.digicert.com
updates.digicert.com
trusted-root-g4.digicert.com
admin.digicert.com
*.ct.digicert.com
statuspage.io
clientauth.demo.one.nl.digicert.com
cc-admin.websecurity.digicert.com
ft3-cc-admin.websecurity.digicert.com
cybertrust-global-root.chain-demos.digicert.com
trusted-root-g4-revoked.chain-demos.digicert.com
rancher.blu.digicert.com
one.digicert.com
images.shoppingguarantee.digicert.com
ECA1WIDB01.DCAPROD.DIGICERT.COM
resources.digicert.com
statuspage.io
images.updates.digicert.com
cds3.cvent.com
status-wrapper.digicert.com
statuspage.io
U1WIADSMDC01.dc.digicert.com
statuspage.io
statuspage.io
assured-id-root-g3-expired.chain-demos.digicert.com
LE1WIADSMDC02.corp.digicert.com
smetrics.digicert.com
statuspage.io
intra.digicert.com
assured-id-root-ca.chain-demos.digicert.com
veeam-azure.dc.digicert.com
ev-root.chain-demos.digicert.com
statuspage.io
statuspage.io
lb2.slc.digicert.com
statuspage.io
dataservices.digicert.com
Certificate
The complete raw certificate details for digicert.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIcTCCB1mgAwIBAgIQC679varA9Ti2S5f/WIRbODANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBFViBSU0EgQ0EgRzIwHhcNMjMxMTE2MDAwMDAwWhcNMjQxMjE2MjM1 OTU5WjCBvTETMBEGCysGAQQBgjc8AgEDEwJVUzEVMBMGCysGAQQBgjc8AgECEwRV dGFoMR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEVMBMGA1UEBRMMNTI5 OTUzNy0wMTQyMQswCQYDVQQGEwJVUzENMAsGA1UECBMEVXRhaDENMAsGA1UEBxME TGVoaTEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xFTATBgNVBAMTDGRpZ2ljZXJ0 LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANi4znHVKPM2RScn SGzInmJp8JQhnOhGG09F+35HnsIxIxQWN2dKmwq37/wkKgSJTy2W9sJL19fZ+tAn FsgCThkEPQ1d4p3qtUHb1A6YMW3Vta+3eM5/9D7MVfY0GnzSFXJSYWuj26K1Rt7C BxdVyjWBdO0LB7wh9xBMAaMJnXK4QSls7RtdqPddwYBQp1Mmat47jq1Lc3NbbVVw dYDGqIgVoozjjI7uEwdPYWxj0Qvr3RlYdzp/4f2GPT8MIazxduK3zvayqkUjwBj7 DNbLfjQPzMDcffq7qW1igQbw1HKYWR6+B1iNUo3sxPWq0H1+UAq81A4zb6HGWfZs fCbeYDUCAwEAAaOCBOMwggTfMB8GA1UdIwQYMBaAFGpOUL+YaJ1beyB11FkBeUhm kjIGMB0GA1UdDgQWBBTsLXlBFDnKy3eYzXzQZkJX7rQPMDCCAaMGA1UdEQSCAZow ggGWggxkaWdpY2VydC5jb22CEHd3dy5kaWdpY2VydC5jb22CFGNvbnRlbnQuZGln aWNlcnQuY29tghh3ZWJzZWN1cml0eS5kaWdpY2VydC5jb22CHHd3dy53ZWJzZWN1 cml0eS5kaWdpY2VydC5jb22CGWtub3dsZWRnZWh1Yi5kaWdpY2VydC5jb22CD2to LmRpZ2ljZXJ0LmNvbYIWa25vd2xlZGdlLmRpZ2ljZXJ0LmNvbYIaa25vd2xlZGdl YmFzZS5kaWdpY2VydC5jb22CGGtiLWludGVybmFsLmRpZ2ljZXJ0LmNvbYIKdGhh d3RlLmNvbYIOd3d3LnRoYXd0ZS5jb22CCXRoYXd0ZS5kZYINd3d3LnRoYXd0ZS5k ZYIJdGhhd3RlLmZygg13d3cudGhhd3RlLmZyggxnZW90cnVzdC5jb22CEHd3dy5n ZW90cnVzdC5jb22CDHJhcGlkc3NsLmNvbYIQd3d3LnJhcGlkc3NsLmNvbYILZnJl ZXNzbC5jb22CD3d3dy5mcmVlc3NsLmNvbTBKBgNVHSAEQzBBMAsGCWCGSAGG/WwC ATAyBgVngQwBATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNv bS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20v RGlnaUNlcnRFVlJTQUNBRzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2Vy dC5jb20vRGlnaUNlcnRFVlJTQUNBRzIuY3JsMHMGCCsGAQUFBwEBBGcwZTAkBggr BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMD0GCCsGAQUFBzAChjFo dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRFVlJTQUNBRzIuY3J0 MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AO7N0GTV 2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi9mIvHUAAAQDAEgwRgIhAJXK mCN8azRBw9VtGtbmI3cuEyprm3k/wlCia61KjAgZAiEA5SPfaZEct0Farve3Cqm3 o52tJb0lf3z7dzhcSpFCYvIAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r OdiEcwAAAYvZiLyTAAAEAwBHMEUCIANYzSm+S1miQ85xO/0K3hXkbBN1OzsUnl3f ScNgeh5nAiEA0SL9IyDUvckEQxVG9GjR8IsrBwPY5iVCXH/r8beTp+wAdgDatr9r P7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYvZiLx6AAAEAwBHMEUCIQD2 L1+oT8ysrQuDnwnpWXhYS4xpKXflK1g+g6x6NZ4rEgIgdow5r4/zNwsCYWiMVcVe zMax9cbp0D2mtXZ5JAqKvwAwDQYJKoZIhvcNAQELBQADggEBAA/IflE81ISVASQr 5vx1u51TAnChnWkifD6Xujo7HYNa8Zp1wzKXAhPMjtSJdKHx74k3mzfnTqMwO1tK bAFBdMlYQn38zSkIVQm8lVKMv+MZ2XtOMo/GanK6rVN21PKRhjHoB4GJ/l2tZtR4 6xlNTwiNv29tSe2Ozp96MWlMLElyH4AmB+Zxc0Cw1DxirTZtGTYNKVCJUrCmFKuT PiwnlWoEZKpITnK9Uo1V9jltPtfZ0NUwNDfVmAy37PjlgCeIgKdrKXqgwD6YDGK8 YSeG4+H3NVeNw/RnQQFw+GZyszkq4Y3oHOHv2CA0UG99ulS0ACCENg7oej0voyU9 xpVNDdw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LjOcdUo8zZFJydIbMie YmnwlCGc6EYbT0X7fkeewjEjFBY3Z0qbCrfv/CQqBIlPLZb2wkvX19n60CcWyAJO GQQ9DV3ineq1QdvUDpgxbdW1r7d4zn/0PsxV9jQafNIVclJha6PborVG3sIHF1XK NYF07QsHvCH3EEwBowmdcrhBKWztG12o913BgFCnUyZq3juOrUtzc1ttVXB1gMao iBWijOOMju4TB09hbGPRC+vdGVh3On/h/YY9PwwhrPF24rfO9rKqRSPAGPsM1st+ NA/MwNx9+rupbWKBBvDUcphZHr4HWI1SjezE9arQfX5QCrzUDjNvocZZ9mx8Jt5g NQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15530114083617297130819649395432381240 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert EV RSA CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-16 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Utah' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5299537-0142' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Utah' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lehi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digicert.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27358605317079658809334118376962074893235325804513219139594584454606902543074802448462083329634117426718262322873398962233079881341374606552582948818955040570460851436141140336773406175567409679372455409055945302033981368176077449169277326762757606960233715095891188810755989218236060228063907984135531177550531989406898432716472245162754796297690332478774149450191698896480462831049461971704050998435649771352767828142875479639757017310829119707697356237011895972551755894961161919504917108080352171347137296594646678426541093457945283368316735727447003070879402971935004920129043906700447418520413922182692752744501 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6a4e50bf98689d5b7b2075d45901794866923206 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ec2d79411439cacb7798cd7cd0664257eeb40f30 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (410 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'content.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'websecurity.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.websecurity.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knowledgehub.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kh.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knowledge.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knowledgebase.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kb-internal.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thawte.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thawte.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thawte.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thawte.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rapidssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rapidssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'freessl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.freessl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertEVRSACAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bd988bc75000004030048304602210095ca98237c6b3441c3d56d1ad6e623772e132a6b9b793fc250a26bad4a8c0819022100e523df69911cb7415aaef7b70aa9b7a39dad25bd257f7cfb77385c4a914262f200760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bd988bc93000004030047304502200358cd29be4b59a243ce713bfd0ade15e46c13753b3b149e5ddf49c3607a1e67022100d122fd2320d4bdc904431546f468d1f08b2b0703d8e625425c7febf1b793a7ec007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018bd988bc7a0000040300473045022100f62f5fa84fccacad0b839f09e95978584b8c692977e52b583e83ac7a359e2b120220768c39af8ff3370b0261688c55c55eccc6b1f5c6e9d03da6b57679240a8abf00 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000fc87e513cd4849501242be6fc75bb9d530270a19d69227c3e97ba3a3b1d835af19a75c332970213cc8ed48974a1f1ef89379b37e74ea3303b5b4a6c014174c958427dfccd29085509bc95528cbfe319d97b4e328fc66a72baad5376d4f2918631e8078189fe5dad66d478eb194d4f088dbf6f6d49ed8ece9f7a31694c2c49721f802607e6717340b0d43c62ad366d19360d29508952b0a614ab933e2c27956a0464aa484e72bd528d55f6396d3ed7d9d0d5303437d5980cb7ecf8e580278880a76b297aa0c03e980c62bc612786e3e1f735578dc3f467410170f86672b3392ae18de81ce1efd82034506f7dba54b4002084360ee87a3d2fa3253dc6954d0ddc