ciam.npe4.kaingaora.govt.nz
- Kainga Ora Homes and Communities -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 03:79:2e:64:2f:56:9c:13:b4:ca:6d:2b:26:b5:75:15 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Kainga Ora Homes and Communities
Organization:
Kainga Ora Homes and Communities
Locality:
Wellington
Country: NZ
Country: NZ
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:79:2e:64:2f:56:9c:13:b4:ca:6d:2b:26:b5:75:15Serial Number (int): 4616892835545981299813758473078142229
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: fb:c0:22:a2:0e:58:01:13:95:cf:fc:bd:bb:e0:d8:9e:13:4a:e9:24
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): 50:96:bc:25:f3:d4:be:76:ee:9f:dc:65:7e:96:52:fd:cf:19:75:6d
Fingerprint (sha256): e9:4f:15:2b:20:b0:b5:77:18:84:df:87:02:9d:b4:e8:e7:75:56:a9:0d:c6:b8:c1:57:b6:c4:29:dc:b1:1a:a8
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Check the revocation status for certificate ciam.npe4.kaingaora.govt.nz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ciam.npe4.kaingaora.govt.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA512 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ciam.npe4.kaingaora.govt.nz
www.ciam.npe4.kaingaora.govt.nz
www.ciam.npe4.kaingaora.govt.nz
Other certificates including the domain name kaingaora.govt.nz
(limited to 100 certificates)
my.npe4.kaingaora.govt.nz
careers.hnzc.co.nz
ucweb02.kaingaora.govt.nz
live.madeopen.co.uk
live.madeopen.co.uk
access02.kaingaora.govt.nz
iaf.portal.kaingaora.govt.nz
ucweb01.kaingaora.govt.nz
my.kaingaora.govt.nz
ciam.kaingaora.govt.nz
live.madeopen.co.uk
kaaingaora.govt.nz
kaaingaora.govt.nz
myaccount.firsthomepartner.kaingaora.govt.nz
access01.kaingaora.govt.nz
ciam.kaingaora.govt.nz
my.kaingaora.govt.nz
help.cloudpayroll.com.au
kaaingaora.govt.nz
ucweb01.kaingaora.govt.nz
live.madeopen.co.uk
live.madeopen.co.uk
kaaingaora.govt.nz
my.kaingaora.govt.nz
desk.aquion.com.au
kaaingaora.govt.nz
access02.kaingaora.govt.nz
careers.hnzc.co.nz
live.madeopen.co.uk
kaaingaora.govt.nz
access01.kaingaora.govt.nz
helpdesk.csxpi.com
live.madeopen.co.uk
mail.hnzc.co.nz
desk.mygpmptool.com.au
kaaingaora.govt.nz
careers.hnzc.co.nz
access02.kaingaora.govt.nz
zohosd.mbav.com.au
kaaingaora.govt.nz
live.madeopen.co.uk
kaaingaora.govt.nz
kaaingaora.govt.nz
my.kaingaora.govt.nz
live.madeopen.co.uk
my.kaingaora.govt.nz
kaaingaora.govt.nz
ciam.npe4.kaingaora.govt.nz
kaaingaora.govt.nz
my.kaingaora.govt.nz
live.madeopen.co.uk
live.madeopen.co.uk
kaaingaora.govt.nz
rawa.kaingaora.govt.nz
my.npe4.kaingaora.govt.nz
live.madeopen.co.uk
kaaingaora.govt.nz
ciam.npe4.kaingaora.govt.nz
ucweb02.kaingaora.govt.nz
my.kaingaora.govt.nz
hnzaadexpwe01.hnzc.co.nz
ciam.kaingaora.govt.nz
ciam.npe4.kaingaora.govt.nz
kaaingaora.govt.nz
ucweb02.kaingaora.govt.nz
careers.hnzc.co.nz
ucweb02.kaingaora.govt.nz
live.madeopen.co.uk
live.madeopen.co.uk
access02.kaingaora.govt.nz
iaf.portal.kaingaora.govt.nz
ucweb01.kaingaora.govt.nz
my.kaingaora.govt.nz
ciam.kaingaora.govt.nz
live.madeopen.co.uk
kaaingaora.govt.nz
kaaingaora.govt.nz
myaccount.firsthomepartner.kaingaora.govt.nz
access01.kaingaora.govt.nz
ciam.kaingaora.govt.nz
my.kaingaora.govt.nz
help.cloudpayroll.com.au
kaaingaora.govt.nz
ucweb01.kaingaora.govt.nz
live.madeopen.co.uk
live.madeopen.co.uk
kaaingaora.govt.nz
my.kaingaora.govt.nz
desk.aquion.com.au
kaaingaora.govt.nz
access02.kaingaora.govt.nz
careers.hnzc.co.nz
live.madeopen.co.uk
kaaingaora.govt.nz
access01.kaingaora.govt.nz
helpdesk.csxpi.com
live.madeopen.co.uk
mail.hnzc.co.nz
desk.mygpmptool.com.au
kaaingaora.govt.nz
careers.hnzc.co.nz
access02.kaingaora.govt.nz
zohosd.mbav.com.au
kaaingaora.govt.nz
live.madeopen.co.uk
kaaingaora.govt.nz
kaaingaora.govt.nz
my.kaingaora.govt.nz
live.madeopen.co.uk
my.kaingaora.govt.nz
kaaingaora.govt.nz
ciam.npe4.kaingaora.govt.nz
kaaingaora.govt.nz
my.kaingaora.govt.nz
live.madeopen.co.uk
live.madeopen.co.uk
kaaingaora.govt.nz
rawa.kaingaora.govt.nz
my.npe4.kaingaora.govt.nz
live.madeopen.co.uk
kaaingaora.govt.nz
ciam.npe4.kaingaora.govt.nz
ucweb02.kaingaora.govt.nz
my.kaingaora.govt.nz
hnzaadexpwe01.hnzc.co.nz
ciam.kaingaora.govt.nz
ciam.npe4.kaingaora.govt.nz
kaaingaora.govt.nz
ucweb02.kaingaora.govt.nz
Certificate
The complete raw certificate details for ciam.npe4.kaingaora.govt.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH6jCCBtKgAwIBAgIQA3kuZC9WnBO0ym0rJrV1FTANBgkqhkiG9w0BAQ0FADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjExMDYwMDAwMDBa Fw0yMzExMTQyMzU5NTlaMHMxCzAJBgNVBAYTAk5aMRMwEQYDVQQHEwpXZWxsaW5n dG9uMSkwJwYDVQQKEyBLYWluZ2EgT3JhIEhvbWVzIGFuZCBDb21tdW5pdGllczEk MCIGA1UEAxMbY2lhbS5ucGU0LmthaW5nYW9yYS5nb3Z0Lm56MIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAjwmIu/9rxWeFlzD9jsL1D7nikjVb1AIYxtlI Eir2Qw4xsKS90ITWN7ng9SxhYIwm937JbKLTUmRmCMsMjHx9ZSMuPSSSCyZkt0qe Vs4vX9YPRo7eNT/DG9dowaKbTu1CDVpdD0/sjhVp+fVE3tu0OxELNOXG+R0EoStN Es8oHvRX3dZv6wRTcyY1a1iFGFPnOvW1Q8rn4WxW9A28N2fB63HYMPzulLREgLzF p6gnbihxt56BHBFkDd4aq4CIR+O9KmnY1dSHRXx7LCU/wC1uJt+26SzDBa2d8ADd fH/2DKau3YvlZm0ylDy7KA6vYx+pw0nkMqGbjXDfk9ilA9H1YwBfooQ7ZbQUDpWl KH+rQg6v6dqSeRLXbdGKCm50LY8vFqHSyzBJE0HuWp8aPWcVONE83Epq0SJEBR7P beJXXkoL/E/zw4dlE8IHBvUGHu5CPjTUqTxfYlALgw4UEvqDujPGgFZkx+xQXCgG IObXCTNZMfnmfh6dtmXS54Ja9p58WsM4wOeDLh4uQT+yUe1qQFm6DhuLgHtzeTpx ULIOtmJsRxXQ24hsyGv3oSFEuaAegLhUf3LsP9k0tHmONLKmImAuDemvKzlmpFNc 85ljf/2YwoOP9LIrxhXZqEzEECaMRqwRn3DoKJ17KxYSDmZvgVsyqKDKxtNeXyhS A/bqO8UCAwEAAaOCA5wwggOYMB8GA1UdIwQYMBaAFLdrouqoqoSMeeq02g+YssWV drn0MB0GA1UdDgQWBBT7wCKiDlgBE5XP/L274NieE0rpJDBHBgNVHREEQDA+ghtj aWFtLm5wZTQua2Fpbmdhb3JhLmdvdnQubnqCH3d3dy5jaWFtLm5wZTQua2Fpbmdh b3JhLmdvdnQubnowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdp Y2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8 hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYy MDIwQ0ExLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEW G2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9 aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2 MjAyMENBMS0xLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFq AWgAdwDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYRO61k0AAAE AwBIMEYCIQDVMOtLNts2LM38EkVQp/gd77HgEBSnOKkhn1TaBK9YiwIhAJp3l9un /sfbnbRzaQgTP+aa/Qs4CQPjcQKs2ajHaUKQAHUAs3N3B+GEUPhjhtYFqdwRCUp5 LbFnDAuH3PADDnk2pZoAAAGETutZkgAABAMARjBEAiA5FovvCRPqhBTgE/kWGatu f+kebcb3Nhlj5ICz0k1nZQIgdNZPvixjXbQHKNnjMnxORzPl1vZKyAz41ZBEQxBn vmgAdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYRO61lLAAAE AwBHMEUCIQDr6ifAC0TY/jJSlig0juNjb9vXMuai2HUoBFNmJPa+2wIgW4YjaBYd 7AN+eT6Oh34m0N+u+KZCiUCKEgw7etMxK0QwDQYJKoZIhvcNAQENBQADggEBAKgh 834lVwT73CizNIgsyeMOeQXs4KBNrTs1XKwricZrxeQr2OEwPE0iURSJz8iB2vBL Fa8Lm9lV40/2pqDVuhYgDn23pfWE2WG+EApTzr6dpfBbZdhRcSHAU5DKl/CvNoWZ LFOMy8kbAm9jz1VyMmoW2ngHhzVQSM3YhbT1wiAJNznQSBveEjyL0CAdAjJrpBLY 3d5wprS3IKoM781QUSWCZdBe5YKAOKxtMI4FB6+JKOFXqmLvYkWg2JdFHtJ7iKJF +QCKfhMXJbv14frUHZYCDd1nucgmFwaTxkNIvSOzm+4ZSw7wL/ypmWRIiopP6cbw B7mrq1UY0+nuxbFoTVM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjwmIu/9rxWeFlzD9jsL1 D7nikjVb1AIYxtlIEir2Qw4xsKS90ITWN7ng9SxhYIwm937JbKLTUmRmCMsMjHx9 ZSMuPSSSCyZkt0qeVs4vX9YPRo7eNT/DG9dowaKbTu1CDVpdD0/sjhVp+fVE3tu0 OxELNOXG+R0EoStNEs8oHvRX3dZv6wRTcyY1a1iFGFPnOvW1Q8rn4WxW9A28N2fB 63HYMPzulLREgLzFp6gnbihxt56BHBFkDd4aq4CIR+O9KmnY1dSHRXx7LCU/wC1u Jt+26SzDBa2d8ADdfH/2DKau3YvlZm0ylDy7KA6vYx+pw0nkMqGbjXDfk9ilA9H1 YwBfooQ7ZbQUDpWlKH+rQg6v6dqSeRLXbdGKCm50LY8vFqHSyzBJE0HuWp8aPWcV ONE83Epq0SJEBR7PbeJXXkoL/E/zw4dlE8IHBvUGHu5CPjTUqTxfYlALgw4UEvqD ujPGgFZkx+xQXCgGIObXCTNZMfnmfh6dtmXS54Ja9p58WsM4wOeDLh4uQT+yUe1q QFm6DhuLgHtzeTpxULIOtmJsRxXQ24hsyGv3oSFEuaAegLhUf3LsP9k0tHmONLKm ImAuDemvKzlmpFNc85ljf/2YwoOP9LIrxhXZqEzEECaMRqwRn3DoKJ17KxYSDmZv gVsyqKDKxtNeXyhSA/bqO8UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4616892835545981299813758473078142229 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wellington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kainga Ora Homes and Communities' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ciam.npe4.kaingaora.govt.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 583541038486499394840026849679200710962084993845675026112205960130481973710050659157937913429597393202307134552937499826487926043607542876142574545932026866614414197123227676578221120727575360702228389206427538814534540355720886998756434426038611796541693249811013016758796490707168076095678453506091484480394739829012157116064560039728474835385017549281223842108960161633136839402477504137754816618942320304100652822325440091302126242415917305455874105749347851625938945048060472481435563416273940150227347258756287468723112100807188137630767514106414490692108287386372218001078418329662985632129913260887106152124523500641268769494142993123432622860017554948738921778391271058930096321644080049343551434968728122033073440646827035875330360628730316690442539465403633522049079214059985484475140271474144047920798484061287745711098065198941062078308209157494149610127475848900176187763031455422240469019729743068737911210548634768110013736923137260278162396604133890255261863006126447508257589102964938681337385933413815801556319926839624854556202009348204534127992754586798418822694382523409486628997240018795075973771603073803778021147386699935949081581160147165567113143646368370172738408432934102321130678757195966281277065804741 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fbc022a20e58011395cffcbdbbe0d89e134ae924 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ciam.npe4.kaingaora.govt.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ciam.npe4.kaingaora.govt.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001844eeb59340000040300483046022100d530eb4b36db362ccdfc124550a7f81defb1e01014a738a9219f54da04af588b0221009a7797dba7fec7db9db4736908133fe69afd0b380903e37102acd9a8c7694290007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001844eeb59920000040300463044022039168bef0913ea8414e013f91619ab6e7fe91e6dc6f7361963e480b3d24d6765022074d64fbe2c635db40728d9e3327c4e4733e5d6f64ac80cf8d59044431067be68007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001844eeb594b0000040300473045022100ebea27c00b44d8fe32529628348ee3636fdbd732e6a2d8752804536624f6bedb02205b862368161dec037e793e8e877e26d0dfaef8a64289408a120c3b7ad3312b44 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a821f37e255704fbdc28b334882cc9e30e7905ece0a04dad3b355cac2b89c66bc5e42bd8e1303c4d22511489cfc881daf04b15af0b9bd955e34ff6a6a0d5ba16200e7db7a5f584d961be100a53cebe9da5f05b65d8517121c05390ca97f0af3685992c538ccbc91b026f63cf5572326a16da780787355048cdd885b4f5c220093739d0481bde123c8bd0201d02326ba412d8ddde70a6b4b720aa0cefcd5051258265d05ee5828038ac6d308e0507af8928e157aa62ef6245a0d897451ed27b88a245f9008a7e131725bbf5e1fad41d96020ddd67b9c826170693c64348bd23b39bee194b0ef02ffca99964488a8a4fe9c6f007b9abab5518d3e9eec5b1684d53