catalog.ccls.org
- Chester County Library -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 02:60:ee:1c:2c:8e:ee:df:03:ed:f4:cd:9c:3f:84:d3 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Chester County Library
Organization:
Chester County Library
State / Province:
Pennsylvania
Locality: Exton
Country: US
Locality: Exton
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:60:ee:1c:2c:8e:ee:df:03:ed:f4:cd:9c:3f:84:d3Serial Number (int): 3161745935653530630763357128213103827
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: b4:4f:83:dc:f6:dd:bf:28:e2:11:a8:d9:6a:da:30:23:eb:e2:a9:d5
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): 15:54:8d:cb:80:ee:2f:b0:2a:31:b1:c8:aa:d1:aa:41:fa:84:06:dd
Fingerprint (sha256): e5:98:ce:08:d7:26:e9:71:d2:fb:d5:4e:2b:6a:23:d0:7b:89:e2:6f:42:3c:e3:3d:2e:0b:64:d1:66:d9:35:9e
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl
Check the revocation status for certificate catalog.ccls.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for catalog.ccls.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
catalog.ccls.org
0-ezmyaccount.nytimes.com.catalog.ccls.org
0-ezmyaccount.nytimes.com.catalog.ccls.org
Other certificates including the domain name ccls.org
(limited to 100 certificates)
mail1.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
catalog.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
catalog.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
mail1.ccls.org
www.ccls.org
www.ccls.org
mail1.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
mail1.ccls.org
mail1.ccls.org
www.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
catalog.ccls.org
catalog.ccls.org
www.ccls.org
mail1.ccls.org
mail1.ccls.org
www.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
mail1.ccls.org
www.ccls.org
www.ccls.org
www.ccls.org
catalog.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
ccls-asa.ccls.org
catalog.ccls.org
catalog.ccls.org
mail1.ccls.org
www.ccls.org
CCLS-ASA.ccls.org
mail1.ccls.org
catalog.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
catalog.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
catalog.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
mail1.ccls.org
www.ccls.org
www.ccls.org
mail1.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
mail1.ccls.org
mail1.ccls.org
www.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
catalog.ccls.org
catalog.ccls.org
www.ccls.org
mail1.ccls.org
mail1.ccls.org
www.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
mail1.ccls.org
www.ccls.org
www.ccls.org
www.ccls.org
catalog.ccls.org
mail1.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
ccls-asa.ccls.org
catalog.ccls.org
catalog.ccls.org
mail1.ccls.org
www.ccls.org
CCLS-ASA.ccls.org
mail1.ccls.org
catalog.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
www.ccls.org
catalog.ccls.org
CCLS-ASA.ccls.org
catalog.ccls.org
Certificate
The complete raw certificate details for catalog.ccls.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIQAmDuHCyO7t8D7fTNnD+E0zANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwOTEyMDAwMDAwWhcN MTkwMTIzMTIwMDAwWjBwMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZh bmlhMQ4wDAYDVQQHEwVFeHRvbjEfMB0GA1UEChMWQ2hlc3RlciBDb3VudHkgTGli cmFyeTEZMBcGA1UEAxMQY2F0YWxvZy5jY2xzLm9yZzCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBALKS6bWzzcEzPDrfGvi1n8kY1z+t5BiJ0Izi7cprQ2yC obHMmZOKGBO1Zcy9PHvPR0Vp+VoUD7Xx/Qw7tKOu+sWkfPgBNQ2eCoCgtuvX72Xb 2QCq2Ly4sglfAYRnwq0HPcbh3sluuUXeXSZl+6qy5XiMJx0TCgE9k1RKnx3ittA7 wkTV5V6PemmxxN3oPiYSNKszdqNLnApNRsMGXYj7CF9sZZHJ+ujub9aHcsdY6vae iZTokAGDWqxwXPsF9/jBJv//7Y94Pa2SCE0XRTwxntXwQYYg0hzUvDUfUogyGGyz zYWkD0+aGly/GNtrHM0hSdRKmLL723087p89vJLT2IcCAwEAAaOCAhUwggIRMB8G A1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBS0T4Pc9t2/ KOIRqNlq2jAj6+Kp1TBHBgNVHREEQDA+ghBjYXRhbG9nLmNjbHMub3JngiowLWV6 bXlhY2NvdW50Lm55dGltZXMuY29tLmNhdGFsb2cuY2Nscy5vcmcwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBi MC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNy bDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5j cmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6 Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBu MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUH MAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1 cmVTZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEAGuypLd9iqByFxK2HisebEdGXiG5LziFyhj09qH1k bOfJf3Ml+vJTjY1FrBLebqkW/+oFBoza50hrQE42XUyPTOGDEo6tpDnDxuALkcD6 Kvo75Ro9KcTzpyp0SmaLxKlwnI8gXcmy6tY17wQ3B5FB2ioHUtRLp8iMLGqlmJxl HE+uh9Tyl4if5FXsaM/pJ41O9sO883PyrQpso5L5H3EDo5xMtMNvigaYcE4zfhzP mT94fdNhzCYyMX/rbxRNH01OEvc4Fkc2LLmIIFQlk5jhHuY53BI/nNXztCuZDWud 5m9ohIe3BlsCe4PJ5FpUTnO0NDRXuMllsFy3uFsTVv3TmQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspLptbPNwTM8Ot8a+LWf yRjXP63kGInQjOLtymtDbIKhscyZk4oYE7VlzL08e89HRWn5WhQPtfH9DDu0o676 xaR8+AE1DZ4KgKC269fvZdvZAKrYvLiyCV8BhGfCrQc9xuHeyW65Rd5dJmX7qrLl eIwnHRMKAT2TVEqfHeK20DvCRNXlXo96abHE3eg+JhI0qzN2o0ucCk1GwwZdiPsI X2xlkcn66O5v1odyx1jq9p6JlOiQAYNarHBc+wX3+MEm///tj3g9rZIITRdFPDGe 1fBBhiDSHNS8NR9SiDIYbLPNhaQPT5oaXL8Y22sczSFJ1EqYsvvbfTzunz28ktPY hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3161745935653530630763357128213103827 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-23 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Exton' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chester County Library' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'catalog.ccls.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22542863749233105960446230064516837542810894255682879675784040802225012010830874004019597757264172196875955781952172814026076351100871515245530528859351165366476566546356513207455041201840253345122258175373638524115292131073685057776919293676870437881209009530066133780911981892788882109572256523452480994866363283032966150371551648797030380699951516454394205289425742838488614749939047579965807503970180867687851443389635578667998090902580411795936643232576137323717526195159293776747962228501907730280557691020411539268030217593493371624020279667313408692158062517260920199506622759438534909595250863601815500609671 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b44f83dcf6ddbf28e211a8d96ada3023ebe2a9d5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'catalog.ccls.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0-ezmyaccount.nytimes.com.catalog.ccls.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001aeca92ddf62a81c85c4ad878ac79b11d197886e4bce2172863d3da87d646ce7c97f7325faf2538d8d45ac12de6ea916ffea05068cdae7486b404e365d4c8f4ce183128eada439c3c6e00b91c0fa2afa3be51a3d29c4f3a72a744a668bc4a9709c8f205dc9b2ead635ef0437079141da2a0752d44ba7c88c2c6aa5989c651c4fae87d4f297889fe455ec68cfe9278d4ef6c3bcf373f2ad0a6ca392f91f7103a39c4cb4c36f8a0698704e337e1ccf993f787dd361cc2632317feb6f144d1f4d4e12f7381647362cb9882054259398e11ee639dc123f9cd5f3b42b990d6b9de66f688487b7065b027b83c9e45a544e73b4343457b8c965b05cb7b85b1356fdd399