*.nypl.org

Issued by Trusted Secure Certificate Authority 5

About this certificate


This digital certificate with serial number 18:5b:1e:1c:00:8b:16:df:b2:40:77:5f:6b:25:2d:01 was issued on by Corporation Service Company .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • WARNING: Using depricated TeletexString for '[*.nypl.org]'

New York Public Library

Organization: New York Public Library
Organization unit: New York Public Library
Organization unit: Enterprise SSL Wildcard
Address: 40 West 20th Street ,5th Floor
Postal code: 10018
State / Province: NY
Locality: New York
Country: US

Corporation Service Company

Organization: Corporation Service Company
Postal code: 10018
State / Province: NY
Locality: New York
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 18:5b:1e:1c:00:8b:16:df:b2:40:77:5f:6b:25:2d:01
Serial Number (int): 32374581603809458920859198063129210113
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: e0:7f:a7:61:9f:df:30:a9:b0:03:7d:e9:82:4f:aa:f4:45:ef:ee:5e
AuthorityKeyId: f2:bb:55:ee:fc:8f:cf:d0:3f:14:68:1a:95:7e:79:0e:ab:17:30:f4

Fingerprint (sha1): 08:18:cb:e5:68:f0:64:c6:ec:d1:0e:68:34:f2:1c:1c:66:aa:5f:80
Fingerprint (sha256): 2f:2c:7e:74:a9:f6:80:fa:60:37:30:d7:fc:a4:80:97:fb:35:8e:63:98:8a:08:9d:d4:48:a0:b3:ba:55:d7:31

Issuing Certificate URL: http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl

Check the revocation status for the current certificate on *.nypl.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.nypl.org
nypl.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFuzCCBKOgAwIBAgIQGFseHACLFt+yQHdfayUtATANBgkqhkiG9w0BAQsFADCB hjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkRFMRMwEQYDVQQHEwpXaWxtaW5ndG9u MSQwIgYDVQQKExtDb3Jwb3JhdGlvbiBTZXJ2aWNlIENvbXBhbnkxLzAtBgNVBAMT JlRydXN0ZWQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSA1MB4XDTE1MDUx MzAwMDAwMFoXDTE2MDUxMjIzNTk1OVowgeExCzAJBgNVBAYTAlVTMQ4wDAYDVQQR EwUxMDAxODELMAkGA1UECBMCTlkxETAPBgNVBAcTCE5ldyBZb3JrMScwJQYDVQQJ Ex40MCBXZXN0IDIwdGggU3RyZWV0ICw1dGggRmxvb3IxIDAeBgNVBAoTF05ldyBZ b3JrIFB1YmxpYyBMaWJyYXJ5MSAwHgYDVQQLExdOZXcgWW9yayBQdWJsaWMgTGli cmFyeTEgMB4GA1UECxMXRW50ZXJwcmlzZSBTU0wgV2lsZGNhcmQxEzARBgNVBAMU CioubnlwbC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbLUf3 8QSBMdK/GT2Sicrfhcca5SKoRmcLVfYZWUxsgDBeKsq7VDovjL++bsW5uB1I+DVV fIjPGU9kKrsUxMSuhRed22VPwfVY9/UIXBWoBm92NG7n/0f3M9qB6y+B5JeZ1Sku nMnFvNeqE4T/bJ6g8H1bKkKdK9i1fqf9QfGFVaRBH2n8Cwx/nwcmmDDdChzJwKvK MFefEfDsUDFTGpeUfX5/aVFILzzOQ6mlWbHwAH2yc8tpoHZrMZian2PWcNRB5GKW CRWA1IWxNznSU8dv2qvkVwF3bjKyU3ekW0foMlvi31qKIDwsaNjZM0tb7s5FHAvL feJastOHHsGiU/qTAgMBAAGjggHGMIIBwjAfBgNVHSMEGDAWgBTyu1Xu/I/P0D8U aBqVfnkOqxcw9DAdBgNVHQ4EFgQU4H+nYZ/fMKmwA33pgk+q9EXv7l4wDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMEsGA1UdIAREMEIwNgYLKwYBBAGyMQECAggwJzAlBggrBgEFBQcCARYZ aHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgIwUAYDVR0fBEkwRzBF oEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1RydXN0ZWRTZWN1cmVDZXJ0 aWZpY2F0ZUF1dGhvcml0eTUuY3JsMIGCBggrBgEFBQcBAQR2MHQwSwYIKwYBBQUH MAKGP2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9UcnVzdGVkU2VjdXJlQ2VydGlm aWNhdGVBdXRob3JpdHk1LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNl cnRydXN0LmNvbTAfBgNVHREEGDAWggoqLm55cGwub3JngghueXBsLm9yZzANBgkq hkiG9w0BAQsFAAOCAQEAa8L9IQNcYJYh7U5mVPmu+txz4svzsu0pOlSEbIFdpmUa xKATsR5ZZVit4x8BMiGh9WiWMosVtqe/Al9vdUabEYPDpEcDw1EnsSvTg2yFLo98 83+sAW98bumaYM42Ug6neRyfJtLPCv3oaGKmGpxWVdEclH7JF2wY41hA19ABVopI p3jjCApl2ywtUnM5JIbclex1r+6SKonIynug7LiwqH+1Xtr1zHc0dXRtYVz31s0J NoBMgA4Duo8X1YoW2K0ERa2mteSNl36nCLrY7y/SvZ5Xoi+t4/Y3oSEXlXsazUB+ zl9jiTHxz2CMnTUM0up2rWTd4fQanGP1ZV1DeHUh4A== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy1H9/EEgTHSvxk9konK 34XHGuUiqEZnC1X2GVlMbIAwXirKu1Q6L4y/vm7FubgdSPg1VXyIzxlPZCq7FMTE roUXndtlT8H1WPf1CFwVqAZvdjRu5/9H9zPagesvgeSXmdUpLpzJxbzXqhOE/2ye oPB9WypCnSvYtX6n/UHxhVWkQR9p/AsMf58HJpgw3QocycCryjBXnxHw7FAxUxqX lH1+f2lRSC88zkOppVmx8AB9snPLaaB2azGYmp9j1nDUQeRilgkVgNSFsTc50lPH b9qr5FcBd24yslN3pFtH6DJb4t9aiiA8LGjY2TNLW+7ORRwLy33iWrLThx7BolP6 kwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 32374581603809458920859198063129210113 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wilmington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority 5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-05-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10018' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NY' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '40 West 20th Street ,5th Floor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York Public Library' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York Public Library' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Wildcard' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.nypl.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19589266225692451948708563184110628415482707272387051195781712459152427068153896371798501454815926921531393800818442119696297638919848284933651472805142950617471185843196080521130273955769006076445672715549311694020866980998350708216614806351807889827691448791548903963396948408317776343959669551501217555129004937074692171836816738635768733715655807150751253359642328982169102357791974134626544987554145123117602143650596629604714838101756705292020313586614980544558712349455127910183175293004024912669885728983238983490562127875064319440179585248537052875797071566311545012565006935750781876452436231429378993814163 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f2bb55eefc8fcfd03f14681a957e790eab1730f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e07fa7619fdf30a9b0037de9824faaf445efee5e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nypl.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nypl.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006bc2fd21035c609621ed4e6654f9aefadc73e2cbf3b2ed293a54846c815da6651ac4a013b11e596558ade31f013221a1f56896328b15b6a7bf025f6f75469b1183c3a44703c35127b12bd3836c852e8f7cf37fac016f7c6ee99a60ce36520ea7791c9f26d2cf0afde86862a61a9c5655d11c947ec9176c18e35840d7d001568a48a778e3080a65db2c2d5273392486dc95ec75afee922a89c8ca7ba0ecb8b0a87fb55edaf5cc773475746d615cf7d6cd0936804c800e03ba8f17d58a16d8ad0445ada6b5e48d977ea708bad8ef2fd2bd9e57a22fade3f637a12117957b1acd407ece5f638931f1cf608c9d350cd2ea76ad64dde1f41a9c63f5655d43787521e0