*.lhcaz.gov

- Lake Havasu City -

Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 01:52:9d:9c:7e:5f:69:e5:59:b6:cb:4f:30:cf:dc:4e was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Lake Havasu City

Organization: Lake Havasu City
State / Province: Arizona
Locality: Lake Havasu City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 01:52:9d:9c:7e:5f:69:e5:59:b6:cb:4f:30:cf:dc:4e
Serial Number (int): 1758193075196356545539072549857516622
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: e3:a1:86:61:94:5c:50:89:82:c7:87:71:fa:9b:62:99:44:8d:0c:98
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (sha1): d8:ac:20:18:6e:f6:a6:70:39:06:e1:36:a2:58:e5:01:33:2c:9d:00
Fingerprint (sha256): c9:78:1b:eb:c0:70:27:2f:c5:de:68:e6:b4:53:d4:d4:2c:95:7f:2e:17:64:e6:08:4d:53:bb:aa:f7:60:7b:96

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate *.lhcaz.gov

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.lhcaz.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.lhcaz.gov
mail.lhcaz.gov
lhcaz.gov

Other certificates including the domain name lhcaz.gov

(limited to 100 certificates)
helpdesk.lhcaz.gov
owa2.lhcaz.gov
helpdesk.premierpress.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
helpdesk.roadandrail.com
iithelp.childrensmuseum.org
*.lhcaz.gov
servicedesk.galvestoncountytx.gov
teledmz.lhcaz.gov
support.healthshareexchange.org
ADFS.lhcaz.gov
support.firsteagle.com
servicedesk.tangerinelife.com
owa2.lhcaz.gov
servicedesk.tangerinelife.com
ADFS.lhcaz.gov
portal.buyautopartsonline.shop
serviceportal.tecolote.com
*.lhcaz.gov
register.lhcaz.gov
support.healthshareexchange.org
helpdesk.plan-roa.org
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
portal.buyautopartsonline.shop
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
*.lhcaz.gov
servicedesk.tangerinelife.com
*.lhcaz.gov
servicedesk.tangerinelife.com
*.lhcaz.gov
helpdesk.plan-roa.org
support.firsteagle.com
support.firsteagle.com
servicedesk.jalladgroup.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
helpdesk.roadandrail.com
support.healthshareexchange.org
support.healthshareexchange.org
portal.buyautopartsonline.shop
itsm.questmindshare.com
Lhcimagetrend.lhcaz.gov
ADFS.lhcaz.gov
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
*.lhcaz.gov
*.lhcaz.gov
helpdesk.plan-roa.org
helpdesk.hpretiro.hi-precision.com.ph
itsm.questmindshare.com
servicedesk.jalladgroup.com
helpdesk.premierpress.com
iithelp.childrensmuseum.org
ncbahelpdesk.ncbal.com
servicedesk.tangerinelife.com
servicedesk.galvestoncountytx.gov
servicedesk.tangerinelife.com
iithelp.childrensmuseum.org
support.firsteagle.com
support.envisionunlimited.org
support.envisionunlimited.org
ADFS.lhcaz.gov
*.lhcaz.gov
itsm.questmindshare.com
servicedesk.tangerinelife.com
helpdesk.hpretiro.hi-precision.com.ph
helpdesk.hpretiro.hi-precision.com.ph
servicedesk.tangerinelife.com
portal.buyautopartsonline.shop
servicedesk.tangerinelife.com
helpdesk.lhcaz.gov
serviceportal.tecolote.com
servicedesk.tangerinelife.com
servicedesk.galvestoncountytx.gov
servicedesk.jalladgroup.com
servicedesk.tangerinelife.com
iithelp.childrensmuseum.org
helpdesk.plan-roa.org
itsm.questmindshare.com
servicedesk.tangerinelife.com
servicedesk.tangerinelife.com
helpdesk.genelhavacilik.com.tr
servicedesk.tangerinelife.com
serviceportal.tecolote.com
servicedesk.tangerinelife.com

Certificate

The complete raw certificate details for *.lhcaz.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG8jCCBdqgAwIBAgIQAVKdnH5faeVZtstPMM/cTjANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw
NDA5MDAwMDAwWhcNMjUwNTEwMjM1OTU5WjBrMQswCQYDVQQGEwJVUzEQMA4GA1UE
CBMHQXJpem9uYTEZMBcGA1UEBxMQTGFrZSBIYXZhc3UgQ2l0eTEZMBcGA1UEChMQ
TGFrZSBIYXZhc3UgQ2l0eTEUMBIGA1UEAwwLKi5saGNhei5nb3YwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOl5iHM6CcRXWWfSj+/2yEZbHhmkJScMBY
TdvDYshHFwRNzA6bQ/GXdedAkScgszKGZF3IsMjd9deuJyKp7kHgaH8CzVxzYgYm
wbuz1caCR3wrh/92q7/wuWqLC2wcVDpSSbDsPwXlZYFlcoZYdp21TEorWJjpgYyP
HjQOOOMqkDrZrYN3e3qEnryeb7K6QmY5nhQ0eP6ahtHWwtL8EKlAbg35JcYdoZYt
P0B1/UaQXyuBxp3HLH9rvCVE9ijMeDjsyLHaUmybHMjTwpXD+b70oqTdIyVs329p
/UAJhD1DwIhH38GjUGVxvdh/+De0+BzmhM29Fro0MUPuxHGu07WLAgMBAAGjggOi
MIIDnjAfBgNVHSMEGDAWgBR0hYDAZsffN97PvSk3qgMdvu3NFzAdBgNVHQ4EFgQU
46GGYZRcUImCx4dx+ptimUSNDJgwMQYDVR0RBCowKIILKi5saGNhei5nb3aCDm1h
aWwubGhjYXouZ292gglsaGNhei5nb3YwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAn
BggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZ8GA1UdHwSB
lzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv
YmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3JsMEigRqBEhkJodHRwOi8vY3Js
NC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBD
QTEtMS5jcmwwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcwAYYYaHR0cDovL29j
c3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8vY2FjZXJ0cy5kaWdp
Y2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5j
cnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYATnWj
J1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGOwzrQ6QAABAMARzBFAiBw
TmnWvhSPYDOiP4vGhSMnZQezyRJqqHf78pq4gUcqeQIhAPdCxH8PKfiVXP7WVK8/
vnTNhouifBZxA6VWqNyxE9kCAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6Oq
HQcT0wwAAAGOwzrRJwAABAMARzBFAiBH/haNZ1Aob164evrijYa/GsVHKmN5naij
9QblFqQccQIhAKIf2uFFxH4id8cKlWt9DHCqmdpbcT8tKe/+pVmNHtyxAHYAfVke
EuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGOwzrQcQAABAMARzBFAiB8
4w7HclqQLJ7DiTyvI2naDzQtWrzJRmEfBEfFDSG04AIhAMBLuENZhw8o+N8B4Juf
fUPn9JXASZBS1LuOGbsC4LE8MA0GCSqGSIb3DQEBCwUAA4IBAQCP25Dcred1v0r6
Yz7bZ9Itwkm2w6aDjhQCJ9fN+QQEeCqFdr6FeuhiHGc1SXwo2ElQQAGVPGkp0bBw
ynLk87F22ZW1MgEDAWsUcuu2Y6h0tJCcP/AyH49qAs6GpQSZbBDP9SNbIqEXRooC
fP1jTAWN7f0njTmMc3upI0VKR2D2R/cWXI5f+bt6nRjR/xmwM5INXx8HTIyIJv89
EILc5RtKNGSGO8sI0fIE2UrlLSmw2Y5YaxIHMyiah3Vs2QZuX1jz6gBsFzGGChW2
ae1UguqbnzqCIrAFXCEWRWMwuC2BSk0Cdry5eCBGZGkj9v+QQBc2J08h2WiCnU+j
DksV78lH
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpeYhzOgnEV1ln0o/v9s
hGWx4ZpCUnDAWE3bw2LIRxcETcwOm0Pxl3XnQJEnILMyhmRdyLDI3fXXriciqe5B
4Gh/As1cc2IGJsG7s9XGgkd8K4f/dqu/8LlqiwtsHFQ6Ukmw7D8F5WWBZXKGWHad
tUxKK1iY6YGMjx40DjjjKpA62a2Dd3t6hJ68nm+yukJmOZ4UNHj+mobR1sLS/BCp
QG4N+SXGHaGWLT9Adf1GkF8rgcadxyx/a7wlRPYozHg47Mix2lJsmxzI08KVw/m+
9KKk3SMlbN9vaf1ACYQ9Q8CIR9/Bo1Blcb3Yf/g3tPgc5oTNvRa6NDFD7sRxrtO1
iwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1758193075196356545539072549857516622
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lake Havasu City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lake Havasu City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.lhcaz.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18000593986722543294012207742549838999025732450370908143259843070769700036694355959520173906430881978666581855050993318287748027799504251848962291072804637240491208674214832940988507613488321862960375217077143650190743728935438103466564039829425678764380474116805619763373938430697092467680596919709003799289714923909020537041059071318510404662766635174066645114012485576774700826548802830234394714097886625389067053630301689769619161918032415193383685908084286392385480286123010435955345971727517416785836209739843967569849083800292620280590360025762243275009746089352622206115528305326751869688268019724759833228683
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e3a18661945c508982c78771fa9b6299448d0c98
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lhcaz.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.lhcaz.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lhcaz.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ec33ad0e900000403004730450220704e69d6be148f6033a23f8bc68523276507b3c9126aa877fbf29ab881472a79022100f742c47f0f29f8955cfed654af3fbe74cd868ba27c167103a556a8dcb113d9020076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018ec33ad1270000040300473045022047fe168d6750286f5eb87afae28d86bf1ac5472a63799da8a3f506e516a41c71022100a21fdae145c47e2277c70a956b7d0c70aa99da5b713f2d29effea5598d1edcb10076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ec33ad071000004030047304502207ce30ec7725a902c9ec3893caf2369da0f342d5abcc946611f0447c50d21b4e0022100c04bb84359870f28f8df01e09b9f7d43e7f495c0499052d4bb8e19bb02e0b13c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008fdb90dcade775bf4afa633edb67d22dc249b6c3a6838e140227d7cdf90404782a8576be857ae8621c6735497c28d849504001953c6929d1b070ca72e4f3b176d995b5320103016b1472ebb663a874b4909c3ff0321f8f6a02ce86a504996c10cff5235b22a117468a027cfd634c058dedfd278d398c737ba923454a4760f647f7165c8e5ff9bb7a9d18d1ff19b033920d5f1f074c8c8826ff3d1082dce51b4a3464863bcb08d1f204d94ae52d29b0d98e586b120733289a87756cd9066e5f58f3ea006c1731860a15b669ed5482ea9b9f3a8222b0055c2116456330b82d814a4d0276bcb9782046646923f6ff90401736274f21d968829d4fa30e4b15efc947