dfm2.map.fastly.net
- Fastly, Inc. -
Issued by GlobalSign CloudSSL CA - SHA256 - G3
About this certificate
This digital certificate with serial number 49:29:e8:cf:93:be:a5:52:56:3e:a4:71 was issued on by GlobalSign nv-sa.
With 61 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Fastly, Inc.
Organization:
Fastly, Inc.
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 49:29:e8:cf:93:be:a5:52:56:3e:a4:71Serial Number (int): 22643071093708567170842010737
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: d2:72:96:54:0a:51:2b:9b:5f:8e:c4:59:a1:94:3d:43:c2:59:bd:2c
AuthorityKeyId: a9:2b:87:e1:ce:24:47:3b:1b:bf:cf:85:37:02:55:9d:0d:94:58:e6
Fingerprint (sha1): 3c:97:a3:df:ac:8c:90:99:00:e2:f5:49:e9:8b:38:32:4e:07:7d:54
Fingerprint (sha256): e3:55:21:6c:8a:b3:3a:02:f3:78:df:82:b0:d2:3f:46:62:f8:ce:ca:0d:23:c2:28:f1:9d:a7:a5:10:0f:fa:19
Issuing Certificate URL: http://secure.globalsign.com/cacert/cloudsslsha2g3.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/cloudsslsha2g3Check the revocation status for certificate dfm2.map.fastly.net
61
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dfm2.map.fastly.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dfm2.map.fastly.net
blogs.denverpost.com
blogs.mercurynews.com
crime.denverpost.com
elections.denverpost.com
extras.denverpost.com
mngli.bostonherald.com
mngli.chicoer.com
mngli.dailybreeze.com
mngli.dailybulletin.com
mngli.dailycamera.com
mngli.dailydemocrat.com
mngli.dailyfreeman.com
mngli.dailylocal.com
mngli.dailynews.com
mngli.dailytribune.com
mngli.delcotimes.com
mngli.denverpost.com
mngli.eastbaytimes.com
mngli.lowellsun.com
mngli.macombdaily.com
mngli.marinij.com
mngli.mercurynews.com
mngli.montereyherald.com
mngli.morningjournal.com
mngli.news-herald.com
mngli.ocregister.com
mngli.oneidadispatch.com
mngli.orovillemr.com
mngli.pasadenastarnews.com
mngli.pe.com
mngli.pottsmerc.com
mngli.presstelegram.com
mngli.readingeagle.com
mngli.record-bee.com
mngli.redbluffdailynews.com
mngli.redlandsdailyfacts.com
mngli.reporterherald.com
mngli.santacruzsentinel.com
mngli.saratogian.com
mngli.sbsun.com
mngli.sentinelandenterprise.com
mngli.sgvtribune.com
mngli.themorningsun.com
mngli.theoaklandpress.com
mngli.thereporter.com
mngli.thereporteronline.com
mngli.times-standard.com
mngli.timescall.com
mngli.timesherald.com
mngli.timesheraldonline.com
mngli.trentonian.com
mngli.troyrecord.com
mngli.twincities.com
mngli.ukiahdailyjournal.com
mngli.whittierdailynews.com
mobile-dashboard.digitalfirstmedia.com
theknow.denverpost.com
www.bayareanewsgroup.com
www.thecannabist.co
yourhub.denverpost.com
blogs.denverpost.com
blogs.mercurynews.com
crime.denverpost.com
elections.denverpost.com
extras.denverpost.com
mngli.bostonherald.com
mngli.chicoer.com
mngli.dailybreeze.com
mngli.dailybulletin.com
mngli.dailycamera.com
mngli.dailydemocrat.com
mngli.dailyfreeman.com
mngli.dailylocal.com
mngli.dailynews.com
mngli.dailytribune.com
mngli.delcotimes.com
mngli.denverpost.com
mngli.eastbaytimes.com
mngli.lowellsun.com
mngli.macombdaily.com
mngli.marinij.com
mngli.mercurynews.com
mngli.montereyherald.com
mngli.morningjournal.com
mngli.news-herald.com
mngli.ocregister.com
mngli.oneidadispatch.com
mngli.orovillemr.com
mngli.pasadenastarnews.com
mngli.pe.com
mngli.pottsmerc.com
mngli.presstelegram.com
mngli.readingeagle.com
mngli.record-bee.com
mngli.redbluffdailynews.com
mngli.redlandsdailyfacts.com
mngli.reporterherald.com
mngli.santacruzsentinel.com
mngli.saratogian.com
mngli.sbsun.com
mngli.sentinelandenterprise.com
mngli.sgvtribune.com
mngli.themorningsun.com
mngli.theoaklandpress.com
mngli.thereporter.com
mngli.thereporteronline.com
mngli.times-standard.com
mngli.timescall.com
mngli.timesherald.com
mngli.timesheraldonline.com
mngli.trentonian.com
mngli.troyrecord.com
mngli.twincities.com
mngli.ukiahdailyjournal.com
mngli.whittierdailynews.com
mobile-dashboard.digitalfirstmedia.com
theknow.denverpost.com
www.bayareanewsgroup.com
www.thecannabist.co
yourhub.denverpost.com
Other certificates including the domain name dfm2.map.fastly.net
(limited to 100 certificates)
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
dfm2.map.fastly.net
Certificate
The complete raw certificate details for dfm2.map.fastly.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKlTCCCX2gAwIBAgIMSSnoz5O+pVJWPqRxMA0GCSqGSIb3DQEBCwUAMFcxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRH bG9iYWxTaWduIENsb3VkU1NMIENBIC0gU0hBMjU2IC0gRzMwHhcNMjEwMTEzMTcw MDE1WhcNMjEwNDIwMTg0NjQ1WjBvMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs aWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMRmFzdGx5 LCBJbmMuMRwwGgYDVQQDDBNkZm0yLm1hcC5mYXN0bHkubmV0MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoseGOsA+AO3okCkOVKK3B7FEtARSUlNZmETo cf+H9tfqwtMet7n+mdnoiXMPSDXzLCxdvwsCGqwyqwvKNxDOzJcuii5HJTU7MY7C Xc7Jm6Nd+OSgQg7sU78JrEime3YTFkQnTMj4Ou0FLY1kYI/3RUri+hfUkwLSBZuw J9320ymoQYRYbvydzb/MROUT7gsOG7cuAq3goqIkPYukLQeRI0fmc0K9tR0Nwu+b oAuUuXH8Wu5S+n9w0nPOTDL0wOOvo7d36hSixt24x/NpOdqoVrULdsG6N7474Smg lY6zeoAgnGrPsWVCYoG3/5gu9BE3pHVfdF+M0bYFX1Hm1k1yTQIDAQABo4IHRzCC B0MwDgYDVR0PAQH/BAQDAgWgMIGKBggrBgEFBQcBAQR+MHwwQgYIKwYBBQUHMAKG Nmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2Nsb3Vkc3Nsc2hh MmczLmNydDA2BggrBgEFBQcwAYYqaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29t L2Nsb3Vkc3Nsc2hhMmczMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYB BQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgG BmeBDAECAjAJBgNVHRMEAjAAMIIFywYDVR0RBIIFwjCCBb6CE2RmbTIubWFwLmZh c3RseS5uZXSCFGJsb2dzLmRlbnZlcnBvc3QuY29tghVibG9ncy5tZXJjdXJ5bmV3 cy5jb22CFGNyaW1lLmRlbnZlcnBvc3QuY29tghhlbGVjdGlvbnMuZGVudmVycG9z dC5jb22CFWV4dHJhcy5kZW52ZXJwb3N0LmNvbYIWbW5nbGkuYm9zdG9uaGVyYWxk LmNvbYIRbW5nbGkuY2hpY29lci5jb22CFW1uZ2xpLmRhaWx5YnJlZXplLmNvbYIX bW5nbGkuZGFpbHlidWxsZXRpbi5jb22CFW1uZ2xpLmRhaWx5Y2FtZXJhLmNvbYIX bW5nbGkuZGFpbHlkZW1vY3JhdC5jb22CFm1uZ2xpLmRhaWx5ZnJlZW1hbi5jb22C FG1uZ2xpLmRhaWx5bG9jYWwuY29tghNtbmdsaS5kYWlseW5ld3MuY29tghZtbmds aS5kYWlseXRyaWJ1bmUuY29tghRtbmdsaS5kZWxjb3RpbWVzLmNvbYIUbW5nbGku ZGVudmVycG9zdC5jb22CFm1uZ2xpLmVhc3RiYXl0aW1lcy5jb22CE21uZ2xpLmxv d2VsbHN1bi5jb22CFW1uZ2xpLm1hY29tYmRhaWx5LmNvbYIRbW5nbGkubWFyaW5p ai5jb22CFW1uZ2xpLm1lcmN1cnluZXdzLmNvbYIYbW5nbGkubW9udGVyZXloZXJh bGQuY29tghhtbmdsaS5tb3JuaW5nam91cm5hbC5jb22CFW1uZ2xpLm5ld3MtaGVy YWxkLmNvbYIUbW5nbGkub2NyZWdpc3Rlci5jb22CGG1uZ2xpLm9uZWlkYWRpc3Bh dGNoLmNvbYIUbW5nbGkub3JvdmlsbGVtci5jb22CGm1uZ2xpLnBhc2FkZW5hc3Rh cm5ld3MuY29tggxtbmdsaS5wZS5jb22CE21uZ2xpLnBvdHRzbWVyYy5jb22CF21u Z2xpLnByZXNzdGVsZWdyYW0uY29tghZtbmdsaS5yZWFkaW5nZWFnbGUuY29tghRt bmdsaS5yZWNvcmQtYmVlLmNvbYIbbW5nbGkucmVkYmx1ZmZkYWlseW5ld3MuY29t ghxtbmdsaS5yZWRsYW5kc2RhaWx5ZmFjdHMuY29tghhtbmdsaS5yZXBvcnRlcmhl cmFsZC5jb22CG21uZ2xpLnNhbnRhY3J1enNlbnRpbmVsLmNvbYIUbW5nbGkuc2Fy YXRvZ2lhbi5jb22CD21uZ2xpLnNic3VuLmNvbYIfbW5nbGkuc2VudGluZWxhbmRl bnRlcnByaXNlLmNvbYIUbW5nbGkuc2d2dHJpYnVuZS5jb22CF21uZ2xpLnRoZW1v cm5pbmdzdW4uY29tghltbmdsaS50aGVvYWtsYW5kcHJlc3MuY29tghVtbmdsaS50 aGVyZXBvcnRlci5jb22CG21uZ2xpLnRoZXJlcG9ydGVyb25saW5lLmNvbYIYbW5n bGkudGltZXMtc3RhbmRhcmQuY29tghNtbmdsaS50aW1lc2NhbGwuY29tghVtbmds aS50aW1lc2hlcmFsZC5jb22CG21uZ2xpLnRpbWVzaGVyYWxkb25saW5lLmNvbYIU bW5nbGkudHJlbnRvbmlhbi5jb22CFG1uZ2xpLnRyb3lyZWNvcmQuY29tghRtbmds aS50d2luY2l0aWVzLmNvbYIbbW5nbGkudWtpYWhkYWlseWpvdXJuYWwuY29tghtt bmdsaS53aGl0dGllcmRhaWx5bmV3cy5jb22CJm1vYmlsZS1kYXNoYm9hcmQuZGln aXRhbGZpcnN0bWVkaWEuY29tghZ0aGVrbm93LmRlbnZlcnBvc3QuY29tghh3d3cu YmF5YXJlYW5ld3Nncm91cC5jb22CE3d3dy50aGVjYW5uYWJpc3QuY2+CFnlvdXJo dWIuZGVudmVycG9zdC5jb20wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MB8GA1UdIwQYMBaAFKkrh+HOJEc7G7/PhTcCVZ0NlFjmMB0GA1UdDgQWBBTScpZU ClErm1+OxFmhlD1Dwlm9LDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0B AQsFAAOCAQEAe8ZKGG1anbl3hMvtK5wegtjdBT+HcYPEnEj7b/ygLU/BYBVhQ4aq kZ6vBo5YvBpgutNQlTKZaBvJ3mHAGQi2WUCFrPe1lFB4Wy5nB++qleZAxCaasaSx IExUgFUhFw9OmDVgUaWdD/yUZ+wwRndpRoO7RB14HF5z4ryLVHEHiw63IHyUsjrH /EeO6pmBQ9Q4KmxRch9+qs6mclZsMGLo1z/3NTeVvjkvztESN8ogGB9gAEQyqTuA 95GLhYkRChLWnY7pF5o1D/hWThc+gsLck1QUrMeVfoipgAukr5t/bLfu541GHRWK QUN3SVjE6GVXMc2UvOXlPdgojlXJDt97og== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoseGOsA+AO3okCkOVKK3 B7FEtARSUlNZmETocf+H9tfqwtMet7n+mdnoiXMPSDXzLCxdvwsCGqwyqwvKNxDO zJcuii5HJTU7MY7CXc7Jm6Nd+OSgQg7sU78JrEime3YTFkQnTMj4Ou0FLY1kYI/3 RUri+hfUkwLSBZuwJ9320ymoQYRYbvydzb/MROUT7gsOG7cuAq3goqIkPYukLQeR I0fmc0K9tR0Nwu+boAuUuXH8Wu5S+n9w0nPOTDL0wOOvo7d36hSixt24x/NpOdqo VrULdsG6N7474SmglY6zeoAgnGrPsWVCYoG3/5gu9BE3pHVfdF+M0bYFX1Hm1k1y TQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 22643071093708567170842010737 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign CloudSSL CA - SHA256 - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-13 17:00:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-20 18:46:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Fastly, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'dfm2.map.fastly.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20548994520593837425071739350284976953269409229361971320442771941746798114265935233374994074414243156609873454131252949446981093446546868826307898492409214446240085490252482506592068539622062529227468696029673464303277172542893271293047563170845093454208992840499681707483791899192925790621918577165170124481740516243229220816487526065900320649868109025859749949439620060561656619101794816977368411275945250889946125679589414486397413125172397334390063052753074291143861177658467687597984638242396042811665033751441808172270243244651837197387892356571899589340651006101438279726877869976910968326560845296910293889613 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/cloudsslsha2g3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/cloudsslsha2g3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1474 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dfm2.map.fastly.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blogs.denverpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blogs.mercurynews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crime.denverpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'elections.denverpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extras.denverpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.bostonherald.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.chicoer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailybreeze.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailybulletin.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailycamera.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailydemocrat.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailyfreeman.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailylocal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailynews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.dailytribune.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.delcotimes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.denverpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.eastbaytimes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.lowellsun.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.macombdaily.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.marinij.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.mercurynews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.montereyherald.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.morningjournal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.news-herald.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.ocregister.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.oneidadispatch.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.orovillemr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.pasadenastarnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.pe.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.pottsmerc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.presstelegram.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.readingeagle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.record-bee.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.redbluffdailynews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.redlandsdailyfacts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.reporterherald.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.santacruzsentinel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.saratogian.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.sbsun.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.sentinelandenterprise.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.sgvtribune.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.themorningsun.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.theoaklandpress.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.thereporter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.thereporteronline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.times-standard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.timescall.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.timesherald.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.timesheraldonline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.trentonian.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.troyrecord.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.twincities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.ukiahdailyjournal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mngli.whittierdailynews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile-dashboard.digitalfirstmedia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theknow.denverpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bayareanewsgroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thecannabist.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourhub.denverpost.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a92b87e1ce24473b1bbfcf853702559d0d9458e6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d27296540a512b9b5f8ec459a1943d43c259bd2c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007bc64a186d5a9db97784cbed2b9c1e82d8dd053f877183c49c48fb6ffca02d4fc16015614386aa919eaf068e58bc1a60bad350953299681bc9de61c01908b6594085acf7b59450785b2e6707efaa95e640c4269ab1a4b1204c54805521170f4e98356051a59d0ffc9467ec304677694683bb441d781c5e73e2bc8b5471078b0eb7207c94b23ac7fc478eea998143d4382a6c51721f7eaacea672566c3062e8d73ff7353795be392fced11237ca20181f60004432a93b80f7918b8589110a12d69d8ee9179a350ff8564e173e82c2dc935414acc7957e88a9800ba4af9b7f6cb7eee78d461d158a4143774958c4e8655731cd94bce5e53dd8288e55c90edf7ba2