damasjewellery.com

- Cloudflare, Inc. -

Issued by Cloudflare Inc RSA CA-2

About this certificate

This digital certificate with serial number 06:07:ae:33:f2:07:2f:23:1d:80:4b:f3:8b:76:71:06 was issued on by Cloudflare, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Cloudflare, Inc.

Organization: Cloudflare, Inc.
State / Province: California
Locality: San Francisco
Country: US

Cloudflare, Inc.

Organization: Cloudflare, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:07:ae:33:f2:07:2f:23:1d:80:4b:f3:8b:76:71:06
Serial Number (int): 8015247307530620105446868950738956550
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 9f:1a:c4:6d:fe:8b:13:ab:5e:12:f6:e2:b7:25:2b:a7:fd:c1:73:50
AuthorityKeyId: 18:a9:1a:fc:b2:45:49:c1:6f:30:34:08:2b:d9:87:9c:b0:25:57:7a

Fingerprint (sha1): 4c:93:98:4a:db:3c:7f:e0:b0:71:ed:5c:6a:b0:4d:cd:67:29:ad:d9
Fingerprint (sha256): cf:a2:5b:0f:89:57:ca:1f:cd:75:d5:9d:0c:93:e3:54:04:48:9a:d0:e3:a0:19:62:45:de:35:9b:e0:21:d0:0d

Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncRSACA-2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/CloudflareIncRSACA-2.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncRSACA-2.crl

Check the revocation status for certificate damasjewellery.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for damasjewellery.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

damasjewellery.com
*.damasjewellery.com

Other certificates including the domain name damasjewellery.com

(limited to 100 certificates)
damasjewellery.com
catalogs.damasjewellery.com
damasjewellery.com
damasjewellery.com
helpdesk.fairwaylawns.com
damasjewellery.com
damasjewellery.com
damasjewellery.com
damasjewellery.com
krypcservicedesk.krypc.com
servicedesk.damasjewellery.com
damasjewellery.com
service-desk.awansoft.biz
krypcservicedesk.krypc.com
assets.damasjewellery.com
catalogs.damasjewellery.com
catalogs.damasjewellery.com
damasjewellery.com
mail.damasjewellery.com
itservicedesk.krypc.com
analytics.damasjewellery.com
ithelpdesk.ut.com.my
damasjewellery.com
mail.damasjewellery.com
mail.damasjewellery.com
servicedesk.damasjewellery.com
ithelpdesk.ut.com.my
damasjewellery.com
damasjewellery.com
catalogs.damasjewellery.com
damasjewellery.com
damasjewellery.com
mail.damasjewellery.com
damasjewellery.com
krypcservicedesk.krypc.com
servicedesk.damasjewellery.com
damasjewellery.com
dmsfs.damasjewellery.com
mail.damasjewellery.com

Certificate

The complete raw certificate details for damasjewellery.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGtjCCBZ6gAwIBAgIQBgeuM/IHLyMdgEvzi3ZxBjANBgkqhkiG9w0BAQsFADBK
MQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UE
AxMXQ2xvdWRmbGFyZSBJbmMgUlNBIENBLTIwHhcNMjMwNjI5MDAwMDAwWhcNMjQw
NjI4MjM1OTU5WjByMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW
MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5j
LjEbMBkGA1UEAxMSZGFtYXNqZXdlbGxlcnkuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAnevvQSEcTzxeMulThob4E38qPJ/c0YiPSqkZTmoHssfq
u3eBF8swEqT1rs7LkvmW4w31ICdxDgJT6gQHFb+uuv/+19E6sxQHTK02Iw8lvsKu
/uegJ44Z5kPkJfqNRK+9atBJPCFxCT2X3NrYoZEecyZYzklMZBndbeI8m2FTUwbQ
1U+ZxwAm8S22YzI0JrbZ987rJUJuoJ5HU8b+ugfFW/IebnFj8aeBFotrjBO6PBqQ
4moySqkWUqqsC3o0IPPSwPahDrU9a2T5WAcCgpTTsJ2fPdVQqXbVHwdX3bcz6FVi
R92uvSTZKjNIDMoFD4YXxNzwB5ziB90cKMM/Zz3PyQIDAQABo4IDbjCCA2owHwYD
VR0jBBgwFoAUGKka/LJFScFvMDQIK9mHnLAlV3owHQYDVR0OBBYEFJ8axG3+ixOr
XhL24rclK6f9wXNQMDMGA1UdEQQsMCqCEmRhbWFzamV3ZWxsZXJ5LmNvbYIUKi5k
YW1hc2pld2VsbGVyeS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5k
aWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY1JTQUNBLTIuY3JsMDegNaAzhjFodHRw
Oi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY1JTQUNBLTIuY3JsMD4G
A1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGln
aWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6
Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMu
ZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNydDAMBgNVHRMBAf8E
AjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwB2/4g/Crb7lVHCYcz1h7o0
tKTNuyncaEIKn+ZnTFo6dAAAAYkE6GggAAAEAwBIMEYCIQDUMllk8K0dlQkzp+Yq
6rjwFQsTRmH0CLEVOdd8nD95AAIhAMrYPMxHViNm/7jHGVAIfd1b8xhK1xDaoxEm
uYANeGw+AHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGJBOho
TgAABAMARzBFAiEAi95bZyFFmviCncMoWdbMyycD3QIQzj1DcqweQpwmO5QCIGQR
rGyerfoNdzzpOU46m04CBBkc3YJLSaKtBG5Fzx69AHYA2ra/az+1tiKfm8K7XGvo
cJFxbLtRhIU0vaQ9MEjX+6sAAAGJBOhoDgAABAMARzBFAiEA1sNeGX3TnNwR3Fh2
ork4QI8dM6jDYHASeRiirphVsZ4CIGN2di7dJYqs6HHmP1DjztqKN2BbytDzCO6Z
p+cF7fetMA0GCSqGSIb3DQEBCwUAA4IBAQCITYV0J82SGMrwW3OHv+fPR3YQEO2E
bzUn6jiERfUBaUzvymwfGES0xKQmSwleF6oFiDt/bGQTiVW/MiQyfbCOQ7SWGX+k
4ExhhaRWrtfVT3E66TftVll+n3vQd4MSQgAkiHz6Y2t4YElbgPSf0R7+WNhu5ELJ
Uv7REzinv4xeyNt8hfXeoHF945kXuDseHWNX22UI41PJ8nJLTS1qSp4k4xEPVldB
D/k/iz4OX1lLlPNvoor6E1bZSfW4d7Bcawsl4gQ1bj4wbI+O8qDbItReR3OxSolj
gM9eAYk4AtU1+gXIjCUdhgcG52ej2DW8BLeeoo3Diua4UPT/DBpBkkDY
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnevvQSEcTzxeMulThob4
E38qPJ/c0YiPSqkZTmoHssfqu3eBF8swEqT1rs7LkvmW4w31ICdxDgJT6gQHFb+u
uv/+19E6sxQHTK02Iw8lvsKu/uegJ44Z5kPkJfqNRK+9atBJPCFxCT2X3NrYoZEe
cyZYzklMZBndbeI8m2FTUwbQ1U+ZxwAm8S22YzI0JrbZ987rJUJuoJ5HU8b+ugfF
W/IebnFj8aeBFotrjBO6PBqQ4moySqkWUqqsC3o0IPPSwPahDrU9a2T5WAcCgpTT
sJ2fPdVQqXbVHwdX3bcz6FViR92uvSTZKjNIDMoFD4YXxNzwB5ziB90cKMM/Zz3P
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8015247307530620105446868950738956550
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc RSA CA-2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'damasjewellery.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19935757560977945759131992656854215603586175524001741097317913188052647315201914270062764497434185499239520223227679711851784781063603840717716241024349480046373016140817850668403331006370987531233040892202314066626222589510169269890396363574759575923417092226472125463615211874192823689251476118360337015484973554182789539965443333989677509914272445697355070485744478834067063936576248242884396504129282211110714277298152451607672380272042180970317621188091692912859292446079201751562759309136652950188220642941797238919906485467877597192866508232192626031773723575578952914322301474614523148016792266040148777357257
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 18a91afcb24549c16f3034082bd9879cb025577a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9f1ac46dfe8b13ab5e12f6e2b7252ba7fdc17350
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'damasjewellery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.damasjewellery.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncRSACA-2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncRSACA-2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncRSACA-2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018904e868200000040300483046022100d4325964f0ad1d950933a7e62aeab8f0150b134661f408b11539d77c9c3f7900022100cad83ccc47562366ffb8c71950087ddd5bf3184ad710daa31126b9800d786c3e00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018904e8684e00000403004730450221008bde5b6721459af8829dc32859d6cccb2703dd0210ce3d4372ac1e429c263b9402206411ac6c9eadfa0d773ce9394e3a9b4e0204191cdd824b49a2ad046e45cf1ebd007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018904e8680e0000040300473045022100d6c35e197dd39cdc11dc5876a2b938408f1d33a8c36070127918a2ae9855b19e02206376762edd258aace871e63f50e3ceda8a37605bcad0f308ee99a7e705edf7ad
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00884d857427cd9218caf05b7387bfe7cf47761010ed846f3527ea388445f501694cefca6c1f1844b4c4a4264b095e17aa05883b7f6c64138955bf3224327db08e43b496197fa4e04c6185a456aed7d54f713ae937ed56597e9f7bd0778312420024887cfa636b7860495b80f49fd11efe58d86ee442c952fed11338a7bf8c5ec8db7c85f5dea0717de39917b83b1e1d6357db6508e353c9f2724b4d2d6a4a9e24e3110f5657410ff93f8b3e0e5f594b94f36fa28afa1356d949f5b877b05c6b0b25e204356e3e306c8f8ef2a0db22d45e4773b14a896380cf5e01893802d535fa05c88c251d860706e767a3d835bc04b79ea28dc38ae6b850f4ff0c1a419240d8