ecom.youravon.com

- The Avon Company -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0c:28:76:e8:97:ad:3e:7e:46:d8:2a:64:87:f5:3f:90 was issued on by DigiCert Inc.

With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The Avon Company

Organization: The Avon Company
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0c:28:76:e8:97:ad:3e:7e:46:d8:2a:64:87:f5:3f:90
Serial Number (int): 16160839575968993552356256273344577424
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 67:92:b5:4a:86:3f:d0:1e:86:55:0e:50:d9:09:42:6d:fd:6f:09:68
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 2c:68:ef:ee:ab:55:f1:46:44:c2:91:16:14:91:b6:3c:70:03:12:f0
Fingerprint (sha256): d3:77:ef:f7:b1:d4:88:71:8c:ff:5b:bf:9a:2d:00:08:0d:c1:98:3d:e6:9a:c8:29:61:b4:06:52:bc:60:54:50

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate ecom.youravon.com

18

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ecom.youravon.com

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Agreement

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ecom.youravon.com
01.avoncdn.com
02.avoncdn.com
03.avoncdn.com
agws-sec.youravon.com
agws.youravon.com
avon.avon.com
avon.com
avoncdn.com
nasl.youravon.com
qap.youravon.com
qap2.youravon.com
shopapi.avon.com
webeservicesqap.avon.com
www.avon.com
www.youravon.com
www2.youravon.com
youravon.com

Other certificates including the domain name youravon.com

(limited to 100 certificates)
ecom.youravon.com
ecom2.youravon.com
ecom.youravon.com
social.youravon.com
avonu-qaf.youravon.com
smetrix.youravon.com
static1.br.avon.com
go.youravon.com
smetrix.youravon.com
ecom2.youravon.com
smetrix.youravon.com
catalog.avonnow.com
www.avon.com
catalog.avonnow.com
go-qaf.youravon.com
prp.youravon.com
*.youravon.com
go.youravon.com
sweeps.youravon.com
avonu.youravon.com
*.youravon.com
www.avon.com
sweeps.youravon.com
ecom.youravon.com
static1.br.avon.com
ecom.youravon.com
prowessapp.youravon.com
sweeps.youravon.com
sweeps.youravon.com
sweeps.youravon.com
ecom.youravon.com
social.youravon.com
static1.br.avon.com
static1.br.avon.com
ecom.youravon.com
*.youravon.com
ecom.youravon.com
*.youravon.com
smetrix.youravon.com
sweeps.youravon.com
avonu-qaf.youravon.com
sweeps.youravon.com
social.youravon.com
static1.br.avon.com
www.avon.com
avonu.youravon.com
smetrix.youravon.com
social.youravon.com
*.youravon.com
*.youravon.com
smetrix.youravon.com
static1.br.avon.com
ecom2.youravon.com
social-qaf.youravon.com
*.qa.youravon.com
static1.br.avon.com
sweeps.youravon.com
www.youravon.com
www.avon.com
sweeps-qaf.youravon.com
smetrix.youravon.com
ezreturns.youravon.com
static1.br.avon.com
catalog.avonnow.com
static1.br.avon.com
sweeps.youravon.com
smetrix.youravon.com
ecom.youravon.com
sweeps.youravon.com
static1.br.avon.com
static1.br.avon.com
ecom.youravon.com
static1.br.avon.com
static1.br.avon.com
smetrix.youravon.com
ecom.youravon.com
avonu.youravon.com
www.avon.com
ecom2.youravon.com
go.youravon.com
agws-sec.avon.com
static1.br.avon.com
agws-sec.avon.com
www.avon.com
ecom.youravon.com
*.youravon.com
smetrix.youravon.com
static1.br.avon.com
sweeps.youravon.com
catalog.avonnow.com
avonu.youravon.com
prod-ecom-aws.avonnow.com
social.youravon.com
smetrix.youravon.com
agws-sec.avon.com
catalog.avonnow.com
ecom2.youravon.com
ecom.youravon.com
static1.br.avon.com
www.avon.com

Certificate

The complete raw certificate details for ecom.youravon.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHGDCCBgCgAwIBAgIQDCh26JetPn5G2Cpkh/U/kDANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzA5MTEwMDAwMDBa
Fw0yNDA5MTEyMzU5NTlaMGoxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9y
azERMA8GA1UEBxMITmV3IFlvcmsxGTAXBgNVBAoTEFRoZSBBdm9uIENvbXBhbnkx
GjAYBgNVBAMTEWVjb20ueW91cmF2b24uY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEHAQUjBDA0xuazltB7OQfC2rQ4i9YRW252zFmQPZ648Pfq2O8gSy/lu6X
galcsOHPnxR1KVDF9JESsX1dg/LCcqOCBJ4wggSaMB8GA1UdIwQYMBaAFLdrouqo
qoSMeeq02g+YssWVdrn0MB0GA1UdDgQWBBRnkrVKhj/QHoZVDlDZCUJt/W8JaDCC
AUUGA1UdEQSCATwwggE4ghFlY29tLnlvdXJhdm9uLmNvbYIOMDEuYXZvbmNkbi5j
b22CDjAyLmF2b25jZG4uY29tgg4wMy5hdm9uY2RuLmNvbYIVYWd3cy1zZWMueW91
cmF2b24uY29tghFhZ3dzLnlvdXJhdm9uLmNvbYINYXZvbi5hdm9uLmNvbYIIYXZv
bi5jb22CC2F2b25jZG4uY29tghFuYXNsLnlvdXJhdm9uLmNvbYIQcWFwLnlvdXJh
dm9uLmNvbYIRcWFwMi55b3VyYXZvbi5jb22CEHNob3BhcGkuYXZvbi5jb22CGHdl
YmVzZXJ2aWNlc3FhcC5hdm9uLmNvbYIMd3d3LmF2b24uY29tghB3d3cueW91cmF2
b24uY29tghF3d3cyLnlvdXJhdm9uLmNvbYIMeW91cmF2b24uY29tMD4GA1UdIAQ3
MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQu
Y29tL0NQUzAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMBMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwQKA+oDyGOmh0
dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBD
QTEtNC5jcmwwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
cC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9jYWNlcnRzLmRpZ2lj
ZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcnQwDAYDVR0T
AQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYAdv+IPwq2+5VRwmHM
9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGKgZUkHgAABAMARzBFAiBgOF39cuERKCIh
+hHV1BLi8pxDVqjB0ItbohSzoQ9QOwIhANraUKe8zdyOnkzFnrljs9FnIEw1AE9t
nUdUzqsjfJ/kAHUASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGK
gZUkFwAABAMARjBEAiAnnmCbVpGURn4pyCbbYwxMFvMssYkQCXfjdh/doUeEXgIg
A9LkoLupQfmi5A5ozR2pJQGN6f2upktp2L75kYZWo8gAdgDatr9rP7W2Ip+bwrtc
a+hwkXFsu1GEhTS9pD0wSNf7qwAAAYqBlSO6AAAEAwBHMEUCICuFbFDexdmqxzb8
4oPtZTBBHXUC817O916YHBMpIjrUAiEA3FXd6s9mAZ/bN23kTbl0iAHM4sqelxvx
2XoKnvStBdUwDQYJKoZIhvcNAQELBQADggEBAElSZ1MgH3qtGJnWGWLYf5+LIlan
4ulTL4UspveIMbfAhVBXDWj0OSuvONa2C+kvUPFcWVemviblENG/Pa+T9bcaEAt/
/AJrawlSlhQuw1NKdfs+vHTZOwlmagMux10dLM+ZrQ8CAQ1WB3TAAt0SoLYGr/9f
fbwukuMEkuF5xhRTlxZzGGfekMUerLj3Nl25xRXB4PsZ+xeJZC9ErGjX9wDTXJrr
qm7ROmszEIWMR44UAk86XSIrpRdJSe1R5kE3QChDqnCvIEZSm0hsgbW4OGvmFeMN
rGJjLRCVOcbAEDDfoiiUmeupaYhjFUbM00E7b99vEKRuELEJUXPM6h5lrTY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHAQUjBDA0xuazltB7OQfC2rQ4i9Y
RW252zFmQPZ648Pfq2O8gSy/lu6XgalcsOHPnxR1KVDF9JESsX1dg/LCcg==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16160839575968993552356256273344577424
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Avon Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ecom.youravon.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				00041c04148c10c0d31b9ace5b41ece41f0b6ad0e22f58456db9db316640f67ae3c3dfab63bc812cbf96ee9781a95cb0e1cf9f14752950c5f49112b17d5d83f2c272
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6792b54a863fd01e86550e50d909426dfd6f0968
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (316 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecom.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '01.avoncdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '02.avoncdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '03.avoncdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agws-sec.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agws.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avon.avon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avoncdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nasl.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qap.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qap2.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shopapi.avon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webeservicesqap.avon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.youravon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'youravon.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							0388
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018a8195241e0000040300473045022060385dfd72e111282221fa11d5d412e2f29c4356a8c1d08b5ba214b3a10f503b022100dada50a7bccddc8e9e4cc59eb963b3d167204c35004f6d9d4754ceab237c9fe400750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a8195241700000403004630440220279e609b569194467e29c826db630c4c16f32cb189100977e3761fdda147845e022003d2e4a0bba941f9a2e40e68cd1da925018de9fdaea64b69d8bef9918656a3c8007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a819523ba000004030047304502202b856c50dec5d9aac736fce283ed6530411d7502f35ecef75e981c1329223ad4022100dc55ddeacf66019fdb376de44db9748801cce2ca9e971bf1d97a0a9ef4ad05d5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0049526753201f7aad1899d61962d87f9f8b2256a7e2e9532f852ca6f78831b7c08550570d68f4392baf38d6b60be92f50f15c5957a6be26e510d1bf3daf93f5b71a100b7ffc026b6b095296142ec3534a75fb3ebc74d93b09666a032ec75d1d2ccf99ad0f02010d560774c002dd12a0b606afff5f7dbc2e92e30492e179c614539716731867de90c51eacb8f7365db9c515c1e0fb19fb1789642f44ac68d7f700d35c9aebaa6ed13a6b3310858c478e14024f3a5d222ba5174949ed51e64137402843aa70af2046529b486c81b5b8386be615e30dac62632d109539c6c01030dfa2289499eba96988631546ccd3413b6fdf6f10a46e10b1095173ccea1e65ad36