www.aek.ch
- BKW AG -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 04:8e:c9:c0:dc:ca:9e:f0:64:d2:e2:92:d5:7e:71:07 was issued on by DigiCert Inc.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
BKW AG
Organization:
BKW AG
Locality:
Bern
Country: CH
Country: CH
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:8e:c9:c0:dc:ca:9e:f0:64:d2:e2:92:d5:7e:71:07Serial Number (int): 6058310181520801484020649653973184775
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 64:f8:b8:6d:93:1c:fc:72:8a:ee:e2:25:39:9d:51:31:da:2b:e7:75
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): b5:92:c3:27:c9:64:60:ef:ed:a2:99:50:fe:4b:04:4f:90:80:f6:20
Fingerprint (sha256): da:c9:06:fe:61:24:de:4b:d4:77:bb:e2:c4:64:97:4e:12:10:df:12:54:09:b0:62:fa:93:f1:c5:32:dc:8f:3d
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate www.aek.ch
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.aek.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.aek.ch
www-p.aek.ch
www-q.aek.ch
www-t.aek.ch
aek.ch
aekelektro.ch
www.aekelektro.ch
aekbt.ch
www.aekbt.ch
aekbuildtec.ch
www.aekbuildtec.ch
www-p.aek.ch
www-q.aek.ch
www-t.aek.ch
aek.ch
aekelektro.ch
www.aekelektro.ch
aekbt.ch
www.aekbt.ch
aekbuildtec.ch
www.aekbuildtec.ch
Other certificates including the domain name aek.ch
(limited to 100 certificates)
gridconnection.bkw.ch
login.bkw.ch
aek.ch
esl.aek.ch
belvis.aek.ch
connect.bkw.ch
aek.ch
turastest.aek.ch
cloud.aek.ch
www.aek.ch
aek.ch
login-v2-t.bkw.ch
metering-workforce.bkw.ch
125.aek.ch
aek.ch
125.aek.ch
account.bkw.ch
my.bkw.ch
outage.bkw.ch
*.aek.ch
aek.ch
aek.ch
125.aek.ch
aek.ch
125.aek.ch
125.aek.ch
aek.ch
connect.bkw.ch
esl-evu.aek.ch
aek.ch
aek.ch
portal-admin.bkw.ch
www.aek.ch
api-portal-admin.bkw.ch
api-portal-admin.bkw.ch
www.aek.ch
account.bkw.ch
aek.ch
oneportal-admin.bkw.ch
aek.ch
aek.ch
login.bkw.ch
login.bkw.ch
login.bkw.ch
kpa.aek.ch
connect.bkw.ch
aek.ch
login-v2.bkw.ch
aek.ch
aek.ch
login-v2-t.bkw.ch
aek.ch
account.bkw.ch
account.bkw.ch
my.bkw.ch
125.aek.ch
125.aek.ch
piwik.aek.ch
outage.bkw.ch
www.aek.ch
*.aek.ch
alco.aek.ch
*.aek.ch
securon.ch
login.bkw.ch
aek.ch
esl.aek.ch
belvis.aek.ch
connect.bkw.ch
aek.ch
turastest.aek.ch
cloud.aek.ch
www.aek.ch
aek.ch
login-v2-t.bkw.ch
metering-workforce.bkw.ch
125.aek.ch
aek.ch
125.aek.ch
account.bkw.ch
my.bkw.ch
outage.bkw.ch
*.aek.ch
aek.ch
aek.ch
125.aek.ch
aek.ch
125.aek.ch
125.aek.ch
aek.ch
connect.bkw.ch
esl-evu.aek.ch
aek.ch
aek.ch
portal-admin.bkw.ch
www.aek.ch
api-portal-admin.bkw.ch
api-portal-admin.bkw.ch
www.aek.ch
account.bkw.ch
aek.ch
oneportal-admin.bkw.ch
aek.ch
aek.ch
login.bkw.ch
login.bkw.ch
login.bkw.ch
kpa.aek.ch
connect.bkw.ch
aek.ch
login-v2.bkw.ch
aek.ch
aek.ch
login-v2-t.bkw.ch
aek.ch
account.bkw.ch
account.bkw.ch
my.bkw.ch
125.aek.ch
125.aek.ch
piwik.aek.ch
outage.bkw.ch
www.aek.ch
*.aek.ch
alco.aek.ch
*.aek.ch
securon.ch
Certificate
The complete raw certificate details for www.aek.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIPTCCByWgAwIBAgIQBI7JwNzKnvBk0uKS1X5xBzANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw MjE1MDAwMDAwWhcNMjUwMjE4MjM1OTU5WjBCMQswCQYDVQQGEwJDSDENMAsGA1UE BxMEQmVybjEPMA0GA1UEChMGQktXIEFHMRMwEQYDVQQDEwp3d3cuYWVrLmNoMIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAixigJ7HBIyoBj1wGw2vuLZq6 Rr1s3CncPbYsheL5y8Dv/HBU+27Y7YwmAimq3wwvHKzmBqhK84BmWD/3ADl6Idvp wj+149+Rm0sgTYZmQkL/guVzSeDAa+e5O7pB2v1IDRXShkWuzkYKMZmo4VPUZfSI a/j3TjwzQV7qMzW4OmXGgCgDyA9FpR3BYw2JIuSPiypKt2TQWk9XgZ7WP101XqZh 1+vs1hCvM2VFmSog8ikyM/6AWnFwt5ExckJtRv1mQB7M74iVaogdFA+fwdBnHJAC z+9ugMHPL8/ODJbuRp8GLaZsgYHzEj34dkz+LF4JHCYy0tL7WzEstPdq0WTFErJi jDHfeRgO2kQyiHovNYT4g07b9643HcO92bCJ7I/pQ0e5zAfPQSoeeerwIj8mlqJW 5aJTDv7BSgQzPVc7wvnrhnqHIt51D4boTnnT2qJAe9oaPS4d4E5w9l6GqrzRW7B9 kPN8iMoMRT0vNpt93+mVg93LVhNLf8gqBjnlsReaw6ehKznimiD5y6m1943Gv5Q9 Rad8COCJgZSeAjnhy6vZyJQH0x/bjX+ui84owCZwNqFfrHro7X3H+2zOmIWHxlRC TEdAroRNKoHZRqu9YfL+f004bZWr+EwYSX0bBUNXV6/Y50zVG3A7loo4ko8tY0Ug yP4PUACm+Vj8c+K2qx0CAwEAAaOCBBYwggQSMB8GA1UdIwQYMBaAFHSFgMBmx983 3s+9KTeqAx2+7c0XMB0GA1UdDgQWBBRk+Lhtkxz8coru4iU5nVEx2ivndTCBpwYD VR0RBIGfMIGcggp3d3cuYWVrLmNoggx3d3ctcC5hZWsuY2iCDHd3dy1xLmFlay5j aIIMd3d3LXQuYWVrLmNoggZhZWsuY2iCDWFla2VsZWt0cm8uY2iCEXd3dy5hZWtl bGVrdHJvLmNogghhZWtidC5jaIIMd3d3LmFla2J0LmNogg5hZWtidWlsZHRlYy5j aIISd3d3LmFla2J1aWxkdGVjLmNoMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYI KwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNVHR8EgZcw gZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2Jh bEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDBIoEagRIZCaHR0cDovL2NybDQu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0Ex LTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw LmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMuZGlnaWNl cnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3J0 MAwGA1UdEwEB/wQCMAAwggF7BgorBgEEAdZ5AgQCBIIBawSCAWcBZQB1AE51oydc mhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABja4tnP4AAAQDAEYwRAIgB70f cmivLlgK5pLvRAi0jFSPsnJfw1m7/G3I6wLSV0cCICvkZhDfDn0iaDUxiAqOO1+5 66XveNunRhUkf3F77KDUAHUAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowu ebgAAAGNri2dPwAABAMARjBEAiAzxzUspoDB/aDnDh5cLxEwABaHnsTgfrRUQnJ5 cuXN/QIgQn3AoWsG2r74qqu0sC1/0n677sO/kbqHlfJXQsR5KHoAdQDm0jFjQHeM wRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY2uLZ1oAAAEAwBGMEQCIC8JXHem 0k9mVmKQ1AosV4EzQiX07m6kZg4G4cj2d9o8AiArr3Gn4ZRi8ZoFf1j9EXDqrMNo adx7gSZ8qe0WBno9lTANBgkqhkiG9w0BAQsFAAOCAQEAafcaidc5jYp0W7X+ckYl 37NXqpFyIrFJlnnxFtwU7mKvbnQWP1xf5U3qkgPFvbAk6CvzBAHMKf6VqNg32WRS KXdT/favVOe1U3eMo/J+eqx4HVFymxL1D3NDdp2ny61vRO2o6F+RBeOhdU6SJdED n93g9uqPnsbAP22Ts+xANJvzSuvXD1zNGsPmoVZNLx+5Kt7Zud4tp+dtno7/6zYK u6IfO48ocRIwZjlv/lMUCaTBlTyvlDysaLmPq75297l83LJOHd4LeakOmeUxgrP2 waK+HbRjCjpOs7Rchh7pyL8AmSROwfMZfFLiUrddeyjglOZ/yTEuTJlbf/62gAwG ZQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAixigJ7HBIyoBj1wGw2vu LZq6Rr1s3CncPbYsheL5y8Dv/HBU+27Y7YwmAimq3wwvHKzmBqhK84BmWD/3ADl6 Idvpwj+149+Rm0sgTYZmQkL/guVzSeDAa+e5O7pB2v1IDRXShkWuzkYKMZmo4VPU ZfSIa/j3TjwzQV7qMzW4OmXGgCgDyA9FpR3BYw2JIuSPiypKt2TQWk9XgZ7WP101 XqZh1+vs1hCvM2VFmSog8ikyM/6AWnFwt5ExckJtRv1mQB7M74iVaogdFA+fwdBn HJACz+9ugMHPL8/ODJbuRp8GLaZsgYHzEj34dkz+LF4JHCYy0tL7WzEstPdq0WTF ErJijDHfeRgO2kQyiHovNYT4g07b9643HcO92bCJ7I/pQ0e5zAfPQSoeeerwIj8m lqJW5aJTDv7BSgQzPVc7wvnrhnqHIt51D4boTnnT2qJAe9oaPS4d4E5w9l6GqrzR W7B9kPN8iMoMRT0vNpt93+mVg93LVhNLf8gqBjnlsReaw6ehKznimiD5y6m1943G v5Q9Rad8COCJgZSeAjnhy6vZyJQH0x/bjX+ui84owCZwNqFfrHro7X3H+2zOmIWH xlRCTEdAroRNKoHZRqu9YfL+f004bZWr+EwYSX0bBUNXV6/Y50zVG3A7loo4ko8t Y0UgyP4PUACm+Vj8c+K2qx0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6058310181520801484020649653973184775 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BKW AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aek.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 567462961807006589667197846732841976538110066727110760662497931870320136770072795102987725197625131756147928578895570745019310811583620861539708251147629702346708876949942221305527058115195949390893814221369448404932346478769567565515514699760832090497227418868642162839800865502030187953807681713810821798780729412771691013822550427307797594032171812672120926413568564960969006635026141199193117685100876270641798603885334403616103661584270373431118974037351414177065104457737267806194978724003045104771640880645561819742720532122852265188703668271357201530719219796013415491434229073753229564047572315927520728935644976806059574983130758861760015410749960471524502366419134585785052623716736747527978664853045333128606095027385784121812579428379249405279670102032107759873930304236792883856634904119528224413182199716336106398905155976601702734641834071646422554231430787270252291103768033106350739116403391005863382047771017485479214055986230626534631920852330809594136108809070563269125134535837296201536164642971373554500390311660548809611228765966300138054708851666654914209574256185179877016151117829374473901385108495207319418652325554414089097826838450640303526727222492569366974773323499533480276252009661529771439472159517 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 64f8b86d931cfc728aeee225399d5131da2be775 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aek.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-p.aek.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-q.aek.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-t.aek.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aek.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aekelektro.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aekelektro.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aekbt.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aekbt.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aekbuildtec.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aekbuildtec.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes) 01650075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dae2d9cfe0000040300463044022007bd1f7268af2e580ae692ef4408b48c548fb2725fc359bbfc6dc8eb02d2574702202be46610df0e7d22683531880a8e3b5fb9eba5ef78dba74615247f717beca0d40075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dae2d9d3f0000040300463044022033c7352ca680c1fda0e70e1e5c2f11300016879ec4e07eb45442727972e5cdfd0220427dc0a16b06dabef8aaabb4b02d7fd27ebbeec3bf91ba8795f25742c479287a007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dae2d9d68000004030046304402202f095c77a6d24f66566290d40a2c5781334225f4ee6ea4660e06e1c8f677da3c02202baf71a7e19462f19a057f58fd1170eaacc36869dc7b81267ca9ed16067a3d95 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0069f71a89d7398d8a745bb5fe724625dfb357aa917222b1499679f116dc14ee62af6e74163f5c5fe54dea9203c5bdb024e82bf30401cc29fe95a8d837d96452297753fdf6af54e7b553778ca3f27e7aac781d51729b12f50f7343769da7cbad6f44eda8e85f9105e3a1754e9225d1039fdde0f6ea8f9ec6c03f6d93b3ec40349bf34aebd70f5ccd1ac3e6a1564d2f1fb92aded9b9de2da7e76d9e8effeb360abba21f3b8f2871123066396ffe531409a4c1953caf943cac68b98fabbe76f7b97cdcb24e1dde0b79a90e99e53182b3f6c1a2be1db4630a3a4eb3b45c861ee9c8bf0099244ec1f3197c52e252b75d7b28e094e67fc9312e4c995b7ffeb6800c0665