www.tiffany.com
- Tiffany and Co -
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 0d:8f:2b:4d:00:8e:e3:f9:f4:52:24:36:30:c2:89:84 was issued on by DigiCert Inc.
With 26 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Tiffany and Co
Organization:
Tiffany and Co
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:8f:2b:4d:00:8e:e3:f9:f4:52:24:36:30:c2:89:84Serial Number (int): 18023340640328601373232914007872145796
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ac:0c:57:47:82:94:a3:fd:5e:70:8e:f6:7d:70:94:3e:bc:80:42:aa
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 0d:da:0e:a8:03:8b:53:3c:10:ba:46:d4:24:ed:4c:63:7c:0f:8c:9b
Fingerprint (sha256): d6:86:59:68:78:d1:6d:d6:5b:27:38:d3:27:49:88:a8:ad:ac:d9:da:cc:53:62:54:08:bf:12:b8:45:92:cf:90
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate www.tiffany.com
26
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.tiffany.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cdn.tiffany.com
be.tiffany.com
www.zh.tiffany.com
www.whatmakeslovetrue.com
www.tiffanywatches.com
www.tiffanytrade.jp
www.tiffanytrade.com
www.tiffany.kr
www.tiffany.it
www.tiffany.ie
www.tiffany.fr
www.tiffany.es
www.tiffany.de
www.tiffany.com.ru
www.tiffany.com.au
www.tiffany.com
www.tiffany.cn
www.tiffany.at
www.salesservice.tiffany.com
www.estore-tco.jp
www.estore-tco.com
tiffany.com
nl.tiffany.com
international.tiffany.com
fr.tiffany.ca
fonts.tiffany.com
be.tiffany.com
www.zh.tiffany.com
www.whatmakeslovetrue.com
www.tiffanywatches.com
www.tiffanytrade.jp
www.tiffanytrade.com
www.tiffany.kr
www.tiffany.it
www.tiffany.ie
www.tiffany.fr
www.tiffany.es
www.tiffany.de
www.tiffany.com.ru
www.tiffany.com.au
www.tiffany.com
www.tiffany.cn
www.tiffany.at
www.salesservice.tiffany.com
www.estore-tco.jp
www.estore-tco.com
tiffany.com
nl.tiffany.com
international.tiffany.com
fr.tiffany.ca
fonts.tiffany.com
Other certificates including the domain name tiffany.com
(limited to 100 certificates)
appointments.tiffany.com
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sstats.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
*.ereceipt.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
neo.tiffany.com
cara.tiffany.com
media.tiffany.com
www.tiffany.com
pa.tiffany.com
international.tiffany.com
subscribe.tiffany.com
ukukcacs02.tiffany.com
dev3.edev.tiffany.com
neo.tiffany.com
media.tiffany.com
san-002.ceros.com
qa2-aem.tiffany.com
uk.tiffany.com
qa2-aem.tiffany.com
www.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
pkb.tiffany.com
www.tiffany.es
www.tiffany.com
neo.tiffany.com
san-002.ceros.com
www.tiffany.com
fonts.tiffany.com
appfront.tiffany.com
api.tiffany.com
www.tiffany.es
qa3-aem.tiffany.com
subscribe.tiffany.com
www.tiffany.com
sts.tiffany.com
san-002.ceros.com
media.tiffany.com
cara.tiffany.com
secure5s.scene7.com
subscribe.tiffany.com
san-002.ceros.com
mi.tiffany.com
san-002.ceros.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
uk.tiffany.com
neo.tiffany.com
www.pa.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
sstats.be.tiffany.com
ps2b.tiffany.com
sstats.tiffany.com
sts.tiffany.com
cybebrark.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
san-002.ceros.com
san-002.ceros.com
tconsacsp04.tiffany.com
leapfrog-ssl-9.gcs-web.com
subscribe.tiffany.com
adobeconsole-qa.tiffany.com
qa-cara.tiffany.com
san-002.ceros.com
ps2b.tiffany.com
hk-payment.tiffany.com
mail.tiffany.com
leapfrog-ssl-9.gcs-web.com
mail.tiffany.com
*.ereceipt.tiffany.com
ukukcacs01.tiffany.com
connect.tiffany.com
www.tiffany.com
sftp.tiffany.com
connect.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
ukukcacs02.tiffany.com
t.tco.tiffany.com
neo.tiffany.com
media.tiffany.com
ringfinder-stage.tiffany.com
tco.tiffany.com
www.tiffany.com
www.pa.tiffany.com
qa-api.tiffany.com
sts.tiffany.com
qa1-aem.tiffany.com
test1.edev.tiffany.com
mail.tiffany.com
qa-api.tiffany.com
www.estore-tco.com
qa1-aem.tiffany.com
appfront.tiffany.com
san-002.ceros.com
san-002.ceros.com
www.estore-tco.com
sstats.tiffany.com
san-35-s12.tlsprovisioning.exacttarget.com
sftp.tiffany.com
leapfrog-ssl-9.gcs-web.com
www.tiffany.com
www.qa1.tiffany.com
Certificate
The complete raw certificate details for www.tiffany.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIRzCCBy+gAwIBAgIQDY8rTQCO4/n0UiQ2MMKJhDANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0yMTExMjcwMDAwMDBaFw0yMjExMjkyMzU5NTlaMGYxCzAJBgNVBAYTAlVTMREw DwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFzAVBgNVBAoTDlRp ZmZhbnkgYW5kIENvMRgwFgYDVQQDEw93d3cudGlmZmFueS5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7/zmWM76gorSDVjnZDNiZf73Y2o8ScZWa 89SdRIWPJLn4beUa3PIqNwUX0ml+h9IMJY43K/jy+tCir2GW1LWBx7GcZpoiVfN/ dfoMQkOfIOinKk7NUgh8oC8syzSF/sZXF8qtLxHV/VnSX4YBlYega4ZPnmd8MjWy G3s+IVQy2FmPI0H+awDuAmJITvznbBHDTtJxQHJfVeQr14cWwRnhi/J0O1SyDuP6 SYVGd74t2K9LFci0XNSemCdxwKoo2GKZzcHCG27tiHnrwokF5EtuXXyDqED9gf9y ZE9VveAvpePmoiZuQ1NarkGENsPB5Hm/GhcdS40VfTYLWjRmuaYLAgMBAAGjggT3 MIIE8zAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3se3yo0MWOJ5sxTAdBgNVHQ4EFgQU rAxXR4KUo/1ecI72fXCUPryAQqowggH4BgNVHREEggHvMIIB64IPY2RuLnRpZmZh bnkuY29tgg5iZS50aWZmYW55LmNvbYISd3d3LnpoLnRpZmZhbnkuY29tghl3d3cu d2hhdG1ha2VzbG92ZXRydWUuY29tghZ3d3cudGlmZmFueXdhdGNoZXMuY29tghN3 d3cudGlmZmFueXRyYWRlLmpwghR3d3cudGlmZmFueXRyYWRlLmNvbYIOd3d3LnRp ZmZhbnkua3KCDnd3dy50aWZmYW55Lml0gg53d3cudGlmZmFueS5pZYIOd3d3LnRp ZmZhbnkuZnKCDnd3dy50aWZmYW55LmVzgg53d3cudGlmZmFueS5kZYISd3d3LnRp ZmZhbnkuY29tLnJ1ghJ3d3cudGlmZmFueS5jb20uYXWCD3d3dy50aWZmYW55LmNv bYIOd3d3LnRpZmZhbnkuY26CDnd3dy50aWZmYW55LmF0ghx3d3cuc2FsZXNzZXJ2 aWNlLnRpZmZhbnkuY29tghF3d3cuZXN0b3JlLXRjby5qcIISd3d3LmVzdG9yZS10 Y28uY29tggt0aWZmYW55LmNvbYIObmwudGlmZmFueS5jb22CGWludGVybmF0aW9u YWwudGlmZmFueS5jb22CDWZyLnRpZmZhbnkuY2GCEWZvbnRzLnRpZmZhbnkuY29t MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1 c3RSU0FDQTIwMTguY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUH AgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB1BggrBgEFBQcBAQRpMGcw JgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD0GCCsGAQUF BzAChjFodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIw MTguY3J0MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2 ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABfV6zdFcAAAQDAEcw RQIgQ8QK39einSctPcwdRgRRMo4a4mH6mhrh0loOYVovznICIQDgUcq73O8sp8Jt c4xW22LUrAMR79E1KsCHdGm+0D85sAB3AEHIyrHfIkZKEMahOglCh15OMYsbA+vr S8do8JBilgb2AAABfV6zdEcAAAQDAEgwRgIhANdy9u6s0YfhDY9hczHpjFRfh/h6 sB7vL3MmgDwXqI4TAiEAobZL/8tG/wavokWy8sEnj+8B6EuUP25qPI6sY0Fj+V4A dgDfpV6raIJPH2yt7rhfTj5a6s2iEqRqXo47EsAgRFwqcwAAAX1es3SaAAAEAwBH MEUCIFY2ibl4ckM0/7HIawrYw2wRsrS4yF1X6L1zyoeZPNozAiEA3ZWY0AKiTNKQ vgBXuaPXWp1o5DmFFwV36dAEhhK6gN0wDQYJKoZIhvcNAQELBQADggEBAL0lp+p8 bAkrgVxm9EmoibjfaGUcjUSsmlIKd4NXchZPnZ2zT2DMUveRcJgS5nfOM/w1rCC+ gblVpTf9ZvfLYG7GCLTF5okGYdg+F5FbUsgVCvxg7LgyZCK74ot4zWNPF/iF/5Br Xfx71XDupoCQ5dRq9nuBPZgqKzSsXzVJa99nigqtHE6LzsfBkwakadOUH/8wqbOe jtCyLFo5w8Ht6HPqYCsyNefFnggH8gqE1I/lJiDrH21IB/XKmZnkM4xOku6Z/h4K NX2MpZU9WISROBzW34AeAqZaEVLD38z3I9QjinPWiDwlNVxehxzV8+oTaNFJiBZS QIJZj52Ur6UKVXE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/85ljO+oKK0g1Y52QzY mX+92NqPEnGVmvPUnUSFjyS5+G3lGtzyKjcFF9JpfofSDCWONyv48vrQoq9hltS1 gcexnGaaIlXzf3X6DEJDnyDopypOzVIIfKAvLMs0hf7GVxfKrS8R1f1Z0l+GAZWH oGuGT55nfDI1sht7PiFUMthZjyNB/msA7gJiSE7852wRw07ScUByX1XkK9eHFsEZ 4YvydDtUsg7j+kmFRne+LdivSxXItFzUnpgnccCqKNhimc3Bwhtu7Yh568KJBeRL bl18g6hA/YH/cmRPVb3gL6Xj5qImbkNTWq5BhDbDweR5vxoXHUuNFX02C1o0Zrmm CwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18023340640328601373232914007872145796 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tiffany and Co' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.tiffany.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23732419141308555788725769668866131400372888555536503103796825113560269599514736433089419832848154205796288262342841020329017172907606013087134399972562529618885937661916709025748347009623567127478124253828483087203933717800264465717209037876086920778335965769057541379992975761642769460920969816975473107066059754792849714609477555827310215225027020755597565284942901104016890948202397298894510786740389137219969650390342225478959058272092648862470063107626826869068485304518382353275727226023880401380499018937180483519685747511925081362948276662741385290679008181371922289435752942439458995263665149591508852778507 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ac0c57478294a3fd5e708ef67d70943ebc8042aa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (495 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'be.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zh.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.whatmakeslovetrue.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanywatches.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanytrade.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffanytrade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.ie' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.com.ru' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tiffany.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.salesservice.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.estore-tco.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.estore-tco.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'international.tiffany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr.tiffany.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fonts.tiffany.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017d5eb374570000040300473045022043c40adfd7a29d272d3dcc1d460451328e1ae261fa9a1ae1d25a0e615a2fce72022100e051cabbdcef2ca7c26d738c56db62d4ac0311efd1352ac0877469bed03f39b000770041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017d5eb374470000040300483046022100d772f6eeacd187e10d8f617331e98c545f87f87ab01eef2f7326803c17a88e13022100a1b64bffcb46ff06afa245b2f2c1278fef01e84b943f6e6a3c8eac634163f95e007600dfa55eab68824f1f6cadeeb85f4e3e5aeacda212a46a5e8e3b12c020445c2a730000017d5eb3749a00000403004730450220563689b978724334ffb1c86b0ad8c36c11b2b4b8c85d57e8bd73ca87993cda33022100dd9598d002a24cd290be0057b9a3d75a9d68e43985170577e9d0048612ba80dd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bd25a7ea7c6c092b815c66f449a889b8df68651c8d44ac9a520a77835772164f9d9db34f60cc52f791709812e677ce33fc35ac20be81b955a537fd66f7cb606ec608b4c5e6890661d83e17915b52c8150afc60ecb8326422bbe28b78cd634f17f885ff906b5dfc7bd570eea68090e5d46af67b813d982a2b34ac5f35496bdf678a0aad1c4e8bcec7c19306a469d3941fff30a9b39e8ed0b22c5a39c3c1ede873ea602b3235e7c59e0807f20a84d48fe52620eb1f6d4807f5ca9999e4338c4e92ee99fe1e0a357d8ca5953d588491381cd6df801e02a65a1152c3dfccf723d4238a73d6883c25355c5e871cd5f3ea1368d1498816524082598f9d94afa50a5571