[cabfpub] Application for SHA-1 Issuance
Andrew Ayer
andrew at sslmate.com
Sat Jul 16 10:11:02 MST 2016
Hi Dean,
Could you resend this email, CCing a representative of the Subscriber,
as required by Step One of the
"Post Jan 2016 SHA-1 Issuance Request Procedure Version 1.1"? Besides
being a requirement, I have several questions and it would streamline
the process if the Subscriber could see them.
Regards,
Andrew
On Fri, 15 Jul 2016 23:48:00 +0000
Dean Coclin <Dean_Coclin at symantec.com> wrote:
> Enclosed please find the application for SHA-1 issuance presented on
> behalf of our client. Note that the application was fully completed
> by the client.
>
> In addition, please find the TBS certificates generated by Symantec.
>
> Accompanying each TBSCertificate is a crt.sh link to the
> corresponding SHA-2 certificate issued by our online system as a
> prerequisite, so that we capture evidence of authentication and
> verification of the information in the certificate. The
> TBSCertificates differ from these certificates by Issuer name,
> because our online systems can sign only with SHA-2 issuers. And
> since the Issuer name is different, corresponding extensions (CDP,
> AIA, AKI) are different as well.
>
> The TBSCertificates do not include public keys from older CT-logged
> certificates; they include public keys that correspond to private
> keys that were recently generated on the servers and that await the
> approval of these requests. The customer uses a CDN that uses OpenSSL
> to generate key pairs from a secure server. A separate secure server
> is used for private key pass-phrase retention.
>
> As this is the first time this is being done, there may be follow-up
> questions or items that were inadvertently omitted which we are happy
> to address.
>
> We ask that the community give good consideration to this request.
>
> One thing you will notice is the validity date extends to Feb 10,
> 2017. In the payment industry, 31 December is an absolutely horrible
> time to make a change as it represents one of the peak times for
> traffic. The client has aligned the date with the published Microsoft
> end date for SHA-1.
>
> Thank you,
>
> Dean Coclin
> Symantec
>
>
> To reconstitute the TBSCertificate in binary DER form, use the Linux
> command:
> base64 --decode > tbs.der
> Then paste in a block of text from below, followed by an EOF
> (control-D).
>
> ----------
> https://crt.sh/?id=24605911
>
> 0:d=0 hl=4 l=1064 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :1742B08A1110D4AAA17A559AFA0B045C
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 139 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 39 cons: SET
> 335:d=3 hl=2 l= 37 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 30 prim: PRINTABLESTRING
> :TDS-2-Ashburn-SCA-bbL6gMDyTZU8
> 374:d=2 hl=2 l= 31 cons: SET
> 376:d=3 hl=2 l= 29 cons: SEQUENCE
> 378:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 383:d=4 hl=2 l= 22 prim: PRINTABLESTRING :ssl1.tsysacquiring.net
> 407:d=1 hl=4 l= 290 cons: SEQUENCE
> 411:d=2 hl=2 l= 13 cons: SEQUENCE
> 413:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 424:d=3 hl=2 l= 0 prim: NULL
> 426:d=2 hl=4 l= 271 prim: BIT STRING
> 701:d=1 hl=4 l= 363 cons: cont [ 3 ]
> 705:d=2 hl=4 l= 359 cons: SEQUENCE
> 709:d=3 hl=2 l= 9 cons: SEQUENCE
> 711:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 716:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 720:d=3 hl=2 l= 97 cons: SEQUENCE
> 722:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 727:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 819:d=3 hl=2 l= 43 cons: SEQUENCE
> 821:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 826:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 864:d=3 hl=2 l= 29 cons: SEQUENCE
> 866:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 871:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 895:d=3 hl=2 l= 14 cons: SEQUENCE
> 897:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 902:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 905:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 911:d=3 hl=2 l= 87 cons: SEQUENCE
> 913:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 923:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 1000:d=3 hl=2 l= 33 cons: SEQUENCE
> 1002:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1007:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
> DUMP]:3018821673736C312E74737973616371756972696E672E6E6574
> 1035:d=3 hl=2 l= 31 cons: SEQUENCE
> 1037:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1042:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEKKADAgECAhAXQrCKERDUqqF6VZr6CwRcMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBizELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMScwJQYDVQQL
> Ex5URFMtMi1Bc2hidXJuLVNDQS1iYkw2Z01EeVRaVTgxHzAdBgNVBAMTFnNzbDEudHN5c2FjcXVp
> cmluZy5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XHs9lBDLNT2EZOFSgMVx
> wlPWoBitXir1IDgTWASyLl3oaJR3D5nA1XbR
> +DsHdMmRK72MKTAfpK2xThpqRziBn00Zkfs9kt1r
> yx6NM9S/6q8/539B9YXuf6Y8L656Lkvx8G8fN7i/gdAbHXX11a8l9Owtq4S0KL6qpA4IxpFtiEZX
> jpNFD5WgDlZMN8RUvJY1TPQU2eTxAnYZkAkgu300Xj3HlqMn7bfRswr5p1X1nPklfbHGPsSxxeLW
> nqXQfIUPPNKeZzMrH3vt/R3f5q2Kx2A0G/jiXXJxsOa6tTk0aR5XrPjDsVUbClJ8FG/Iu/V5YzcN
> ExGKRNeX8hHmakZ9AgMBAAGjggFrMIIBZzAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQIC
> MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0
> dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5j
> b20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAw
> VwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUF
> BzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAhBgNVHREEGjAYghZzc2wxLnRzeXNhY3F1
> aXJpbmcubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1
>
> ----------
> https://crt.sh/?id=24605923
>
> 0:d=0 hl=4 l=1063 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :28AEB56BBD95511DCD4FD0B65CBD1BDB
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 138 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 38 cons: SET
> 335:d=3 hl=2 l= 36 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 29 prim: PRINTABLESTRING
> :TDS-2-Dallas-SCA-v2PmB4cxayEu
> 373:d=2 hl=2 l= 31 cons: SET
> 375:d=3 hl=2 l= 29 cons: SEQUENCE
> 377:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 382:d=4 hl=2 l= 22 prim: PRINTABLESTRING :ssl1.tsysacquiring.net
> 406:d=1 hl=4 l= 290 cons: SEQUENCE
> 410:d=2 hl=2 l= 13 cons: SEQUENCE
> 412:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 423:d=3 hl=2 l= 0 prim: NULL
> 425:d=2 hl=4 l= 271 prim: BIT STRING
> 700:d=1 hl=4 l= 363 cons: cont [ 3 ]
> 704:d=2 hl=4 l= 359 cons: SEQUENCE
> 708:d=3 hl=2 l= 9 cons: SEQUENCE
> 710:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 715:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 719:d=3 hl=2 l= 97 cons: SEQUENCE
> 721:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 726:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 818:d=3 hl=2 l= 43 cons: SEQUENCE
> 820:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 825:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 863:d=3 hl=2 l= 29 cons: SEQUENCE
> 865:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 870:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 894:d=3 hl=2 l= 14 cons: SEQUENCE
> 896:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 901:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 904:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 910:d=3 hl=2 l= 87 cons: SEQUENCE
> 912:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 922:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 999:d=3 hl=2 l= 33 cons: SEQUENCE
> 1001:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1006:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
> DUMP]:3018821673736C312E74737973616371756972696E672E6E6574
> 1034:d=3 hl=2 l= 31 cons: SEQUENCE
> 1036:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1041:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEJ6ADAgECAhAorrVrvZVRHc1P0LZcvRvbMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBijELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMSYwJAYDVQQL
> Ex1URFMtMi1EYWxsYXMtU0NBLXYyUG1CNGN4YXlFdTEfMB0GA1UEAxMWc3NsMS50c3lzYWNxdWly
> aW5nLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKt0Mjt3xu4Do5vODg338zxh
> P9WQxuqAolZc
> +2cRgzHPWa0MIMbXq7F15cVdkm83uXMF0vGZx4s7Ja0pMEJ3o07EIvZI6bb/OCua
> xnorucw5p34GOF7gVIXmEGBPoUv4g6AmLIemmKLP7bd7
> +Yw506wTsDbISk4r6K3bn3mdPmJkgWus
> 3NYVbFZbVniZwZ4/u2x6MB8yo8ldHtdfjDNlemk5vtvgWbLHGKhQCFJM/g1kg08
> +snr2bCNWyA+A i5v65+ydfU+mg2lVGdKh8QP6Aj+o8B+AVwYCVsmn3jrM
> +BItpAcrWpv7e/oym9j0TwesssKLtfjq
> 1zlhRNZt8kJVMXsCAwEAAaOCAWswggFnMAkGA1UdEwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgIw
> TDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0
> cHM6Ly9kLnN5bWNiLmNvbS9ycGEwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNv
> bS9zZS5jcmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDBX
> BggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUH
> MAKGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3J0MCEGA1UdEQQaMBiCFnNzbDEudHN5c2FjcXVp
> cmluZy5uZXQwHwYDVR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALU=
>
> ----------
> https://crt.sh/?id=24605938
>
> 0:d=0 hl=4 l=1052 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :16A1C0BCE737C9297E2EB0590415884C
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 133 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 39 cons: SET
> 335:d=3 hl=2 l= 37 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 30 prim: PRINTABLESTRING
> :TDS-2-Ashburn-SCA-bbL6gMDyTZU8
> 374:d=2 hl=2 l= 25 cons: SET
> 376:d=3 hl=2 l= 23 cons: SEQUENCE
> 378:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 383:d=4 hl=2 l= 16 prim: PRINTABLESTRING :ssl1.vitalps.net
> 401:d=1 hl=4 l= 290 cons: SEQUENCE
> 405:d=2 hl=2 l= 13 cons: SEQUENCE
> 407:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 418:d=3 hl=2 l= 0 prim: NULL
> 420:d=2 hl=4 l= 271 prim: BIT STRING
> 695:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 699:d=2 hl=4 l= 353 cons: SEQUENCE
> 703:d=3 hl=2 l= 9 cons: SEQUENCE
> 705:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 710:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 714:d=3 hl=2 l= 97 cons: SEQUENCE
> 716:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 721:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 813:d=3 hl=2 l= 43 cons: SEQUENCE
> 815:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 820:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 858:d=3 hl=2 l= 29 cons: SEQUENCE
> 860:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 865:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 889:d=3 hl=2 l= 14 cons: SEQUENCE
> 891:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 896:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 899:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 905:d=3 hl=2 l= 87 cons: SEQUENCE
> 907:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 917:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 994:d=3 hl=2 l= 27 cons: SEQUENCE
> 996:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1001:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821073736C312E766974616C70732E6E6574
> 1023:d=3 hl=2 l= 31 cons: SEQUENCE
> 1025:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1030:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEHKADAgECAhAWocC85zfJKX4usFkEFYhMMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBhTELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMScwJQYDVQQL
> Ex5URFMtMi1Bc2hidXJuLVNDQS1iYkw2Z01EeVRaVTgxGTAXBgNVBAMTEHNzbDEudml0YWxwcy5u
> ZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqJmFGeFWvyPveYotAazkntNh3bbM7
> ek5XTaKtYrlPcbeHk6GxGNMqBt
> +q6enleihTLZVuSC1kLt1TImgBEIhKcGns3DWqb3pd4mSYlMy5
> ni3RwANjFwV3bUD2kpSec05EXkr83PO+vJ+4IGukepDxyubxpUlHLGKjN0bZj5Rhyh
> +Z3K6g/UIo a2I9qGxsq27Dyl1weJf7AoO3lFroAXa
> +0d3kFWeWQjpKSfBJJD6IfTa5ekE58hWKyMDgKgsdYmTx
> tK7/RgAOVwbeKvdxuHvxQzjDR6gIVit13pTre2R7YrUbL8BVjBJqfa3uMdEknfH2ar7fQjvUxQny
> G1piJKgLAgMBAAGjggFlMIIBYTAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYI
> KwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8v
> ZC5zeW1jYi5jb20vcnBhMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2Uu
> Y3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYB
> BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpo
> dHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAbBgNVHREEFDASghBzc2wxLnZpdGFscHMubmV0MB8G
> A1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1
>
> ----------
> https://crt.sh/?id=24603563
>
> 0:d=0 hl=4 l=1051 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :461A77CD27D2E3E75E6A5CB1B84727B5
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 132 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 38 cons: SET
> 335:d=3 hl=2 l= 36 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 29 prim: PRINTABLESTRING
> :TDS-2-Dallas-SCA-v2PmB4cxayEu
> 373:d=2 hl=2 l= 25 cons: SET
> 375:d=3 hl=2 l= 23 cons: SEQUENCE
> 377:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 382:d=4 hl=2 l= 16 prim: PRINTABLESTRING :ssl1.vitalps.net
> 400:d=1 hl=4 l= 290 cons: SEQUENCE
> 404:d=2 hl=2 l= 13 cons: SEQUENCE
> 406:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 417:d=3 hl=2 l= 0 prim: NULL
> 419:d=2 hl=4 l= 271 prim: BIT STRING
> 694:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 698:d=2 hl=4 l= 353 cons: SEQUENCE
> 702:d=3 hl=2 l= 9 cons: SEQUENCE
> 704:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 709:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 713:d=3 hl=2 l= 97 cons: SEQUENCE
> 715:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 720:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 812:d=3 hl=2 l= 43 cons: SEQUENCE
> 814:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 819:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 857:d=3 hl=2 l= 29 cons: SEQUENCE
> 859:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 864:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 888:d=3 hl=2 l= 14 cons: SEQUENCE
> 890:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 895:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 898:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 904:d=3 hl=2 l= 87 cons: SEQUENCE
> 906:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 916:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 993:d=3 hl=2 l= 27 cons: SEQUENCE
> 995:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1000:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821073736C312E766974616C70732E6E6574
> 1022:d=3 hl=2 l= 31 cons: SEQUENCE
> 1024:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1029:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEG6ADAgECAhBGGnfNJ9Lj515qXLG4Rye1MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMSYwJAYDVQQL
> Ex1URFMtMi1EYWxsYXMtU0NBLXYyUG1CNGN4YXlFdTEZMBcGA1UEAxMQc3NsMS52aXRhbHBzLm5l
> dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj1EBOQa
> +LD1QAw1S75YJYGRvTsrrMw 1eg6Wkt2s9lY5wzQf61AH+KKPK
> +uwI5xEPUfilYt5iKAGa9mdAXfdiYKJV7lfAbC6LUOzYkS3QSu xM
> +SQIf3cc5OYI3BzK0UDCYwEopHzpUGxQ2KYet94C6gILdzm8eBL3klBxbM
> +HLA8w16g1RgCUx7 Q/OoqLMsaPzj+KZZz
> +aeKAECkDj8rts00LGPK3O404//qJlzmmiva50y3C/nmWTkgpn0v0aaH0BM
> ReEOGT5ds9giXWThHwjFXTEGMyZbK5/QOMXe0qOgmWCc5TbjuAEW4Gt
> +VdkOs/B9W8a/JPCL16fx
> eFEOdQMCAwEAAaOCAWUwggFhMAkGA1UdEwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr
> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9k
> LnN5bWNiLmNvbS9ycGEwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9zZS5j
> cmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDBXBggrBgEF
> BQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0
> dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3J0MBsGA1UdEQQUMBKCEHNzbDEudml0YWxwcy5uZXQwHwYD
> VR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALU=
>
> ----------
> https://crt.sh/?id=24605901
>
> 0:d=0 hl=4 l=1052 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :31A4E0A5A052CB270BAAFEB9EDCA561C
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 133 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 39 cons: SET
> 335:d=3 hl=2 l= 37 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 30 prim: PRINTABLESTRING
> :TDS-2-Ashburn-SCA-bbL6gMDyTZU8
> 374:d=2 hl=2 l= 25 cons: SET
> 376:d=3 hl=2 l= 23 cons: SEQUENCE
> 378:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 383:d=4 hl=2 l= 16 prim: PRINTABLESTRING :ssl2.vitalps.net
> 401:d=1 hl=4 l= 290 cons: SEQUENCE
> 405:d=2 hl=2 l= 13 cons: SEQUENCE
> 407:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 418:d=3 hl=2 l= 0 prim: NULL
> 420:d=2 hl=4 l= 271 prim: BIT STRING
> 695:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 699:d=2 hl=4 l= 353 cons: SEQUENCE
> 703:d=3 hl=2 l= 9 cons: SEQUENCE
> 705:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 710:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 714:d=3 hl=2 l= 97 cons: SEQUENCE
> 716:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 721:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 813:d=3 hl=2 l= 43 cons: SEQUENCE
> 815:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 820:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 858:d=3 hl=2 l= 29 cons: SEQUENCE
> 860:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 865:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 889:d=3 hl=2 l= 14 cons: SEQUENCE
> 891:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 896:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 899:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 905:d=3 hl=2 l= 87 cons: SEQUENCE
> 907:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 917:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 994:d=3 hl=2 l= 27 cons: SEQUENCE
> 996:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1001:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821073736C322E766974616C70732E6E6574
> 1023:d=3 hl=2 l= 31 cons: SEQUENCE
> 1025:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1030:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEHKADAgECAhAxpOCloFLLJwuq/rntylYcMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBhTELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMScwJQYDVQQL
> Ex5URFMtMi1Bc2hidXJuLVNDQS1iYkw2Z01EeVRaVTgxGTAXBgNVBAMTEHNzbDIudml0YWxwcy5u
> ZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDayoZKABDEsmXoYERyW4PyXjw9a7Cn
> /6ms3Jq5S6E5Jn6HUJpSUMO+YoRkh
> +t/DczoWHuveq7tBGAMtJUk6Y38zboXo58zDLCGngnt7Odg
> H2JxJTBzJ0HW5vqT2R/7oanGZCAEim7FUyJ70prvsfgygqsZq9k7C4DOs1U2Zj2Lq
> +VrSUZgtLB2
> sG0dKRPGFed3xSqtseOduqROCcivqp9zNjbnSH8QqVJ1ubIp01rGhKsWsD1BKPPsT7k93MybqRpj
> FMBuAcCvHfURgk4RRAJp0KlZAuemGHbZSq/jWNJsTTTeft1uRjMBBnN3GLf61mWUZJBKZyLrPJu7
> u3Ci
> +ZUnAgMBAAGjggFlMIIBYTAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYI
> KwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8v
> ZC5zeW1jYi5jb20vcnBhMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2Uu
> Y3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYB
> BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpo
> dHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAbBgNVHREEFDASghBzc2wyLnZpdGFscHMubmV0MB8G
> A1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1
>
> ----------
> https://crt.sh/?id=24605897
>
> 0:d=0 hl=4 l=1051 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :7513714F7C3FDF897563334107892069
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 132 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 38 cons: SET
> 335:d=3 hl=2 l= 36 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 29 prim: PRINTABLESTRING
> :TDS-2-Dallas-SCA-v2PmB4cxayEu
> 373:d=2 hl=2 l= 25 cons: SET
> 375:d=3 hl=2 l= 23 cons: SEQUENCE
> 377:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 382:d=4 hl=2 l= 16 prim: PRINTABLESTRING :ssl2.vitalps.net
> 400:d=1 hl=4 l= 290 cons: SEQUENCE
> 404:d=2 hl=2 l= 13 cons: SEQUENCE
> 406:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 417:d=3 hl=2 l= 0 prim: NULL
> 419:d=2 hl=4 l= 271 prim: BIT STRING
> 694:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 698:d=2 hl=4 l= 353 cons: SEQUENCE
> 702:d=3 hl=2 l= 9 cons: SEQUENCE
> 704:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 709:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 713:d=3 hl=2 l= 97 cons: SEQUENCE
> 715:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 720:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 812:d=3 hl=2 l= 43 cons: SEQUENCE
> 814:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 819:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 857:d=3 hl=2 l= 29 cons: SEQUENCE
> 859:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 864:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 888:d=3 hl=2 l= 14 cons: SEQUENCE
> 890:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 895:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 898:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 904:d=3 hl=2 l= 87 cons: SEQUENCE
> 906:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 916:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 993:d=3 hl=2 l= 27 cons: SEQUENCE
> 995:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1000:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821073736C322E766974616C70732E6E6574
> 1022:d=3 hl=2 l= 31 cons: SEQUENCE
> 1024:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1029:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEG6ADAgECAhB1E3FPfD/fiXVjM0EHiSBpMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMSYwJAYDVQQL
> Ex1URFMtMi1EYWxsYXMtU0NBLXYyUG1CNGN4YXlFdTEZMBcGA1UEAxMQc3NsMi52aXRhbHBzLm5l
> dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLHs/6/uOTbCYF6B3q8
> +RWzXsPxVjSR
> 7UkIif4A8Jw181U/le7mqAB3UsK6CAgsgUw1fYq7vmeDJIwcIzSACwuTTc6VIeSQBhmeduqB5gw1
> ciubkQtBlxqvJ7baNcmk8/IaaYjEJHcy4ycXdd4RMEaOTvtk5
> +oH8Im7H9WNla4cxU4GUKqtLnGr 5ZF9YnKrmY2dX4Wy2lX
> +sieJXoIhxgg1Xkb4sto4YkpKG0Xl9YP2GMl0XAJtnrjqcKhuJaA1iZPy
> E4GwWrl9m5pzOQOK5aGpoNump16x5B75xglVHZwb6jBMkEHjavNaPR4eh7/+RIUYD6cGBZUaQkTQ
> lBKjBGkCAwEAAaOCAWUwggFhMAkGA1UdEwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr
> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9k
> LnN5bWNiLmNvbS9ycGEwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9zZS5j
> cmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDBXBggrBgEF
> BQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0
> dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3J0MBsGA1UdEQQUMBKCEHNzbDIudml0YWxwcy5uZXQwHwYD
> VR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALU=
>
> ----------
> https://crt.sh/?id=24605892
>
> 0:d=0 hl=4 l=1052 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :0A401380CA911598A9C5D39E1F07D576
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 133 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 39 cons: SET
> 335:d=3 hl=2 l= 37 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 30 prim: PRINTABLESTRING
> :TDS-2-Ashburn-SCA-bbL6gMDyTZU8
> 374:d=2 hl=2 l= 25 cons: SET
> 376:d=3 hl=2 l= 23 cons: SEQUENCE
> 378:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 383:d=4 hl=2 l= 16 prim: PRINTABLESTRING :ssl3.vitalps.net
> 401:d=1 hl=4 l= 290 cons: SEQUENCE
> 405:d=2 hl=2 l= 13 cons: SEQUENCE
> 407:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 418:d=3 hl=2 l= 0 prim: NULL
> 420:d=2 hl=4 l= 271 prim: BIT STRING
> 695:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 699:d=2 hl=4 l= 353 cons: SEQUENCE
> 703:d=3 hl=2 l= 9 cons: SEQUENCE
> 705:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 710:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 714:d=3 hl=2 l= 97 cons: SEQUENCE
> 716:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 721:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 813:d=3 hl=2 l= 43 cons: SEQUENCE
> 815:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 820:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 858:d=3 hl=2 l= 29 cons: SEQUENCE
> 860:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 865:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 889:d=3 hl=2 l= 14 cons: SEQUENCE
> 891:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 896:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 899:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 905:d=3 hl=2 l= 87 cons: SEQUENCE
> 907:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 917:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 994:d=3 hl=2 l= 27 cons: SEQUENCE
> 996:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1001:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821073736C332E766974616C70732E6E6574
> 1023:d=3 hl=2 l= 31 cons: SEQUENCE
> 1025:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1030:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEHKADAgECAhAKQBOAypEVmKnF054fB9V2MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBhTELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMScwJQYDVQQL
> Ex5URFMtMi1Bc2hidXJuLVNDQS1iYkw2Z01EeVRaVTgxGTAXBgNVBAMTEHNzbDMudml0YWxwcy5u
> ZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3RCW/fjCam4nILKe3bEcUD3u8y2XK
> lxDSe/EyOa2MwHakXx4JBqbBtE2SySlO6HvxJ9sbAnjKU
> +3/+KsPZGXJDDllq7JmsRNps3hAdsHA 95h0TKAZDTR6Yk5pwv
> +huIyMfT1NRuEA1HUsv0l8tdyRenL8Aap0+p9Dqohqc+FiE8UaDEECSORw
> BCGJ0jlkhqrLkOsu5aeM7xa9et5GMFQEYGehhjCWZYA2medvdi2nmKbTB3zVFlCiiC8lzzM7GPmB
> B3M3o3C7jC8xFo2O/LvZ1mmeFcFJ0cCLhzjp6hrJ
> +ohk8zdHvB4Kkpa43gfrX1gwDOikQjEUBbz/
> NpQeG561AgMBAAGjggFlMIIBYTAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYI
> KwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8v
> ZC5zeW1jYi5jb20vcnBhMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2Uu
> Y3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYB
> BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpo
> dHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAbBgNVHREEFDASghBzc2wzLnZpdGFscHMubmV0MB8G
> A1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1
>
> ----------
> https://crt.sh/?id=24605907
>
> 0:d=0 hl=4 l=1051 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :2FC508AE1FA00566CD09574181A46C7B
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
> 265:d=1 hl=3 l= 132 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 17 cons: SET
> 301:d=3 hl=2 l= 15 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 8 prim: PRINTABLESTRING :Columbus
> 318:d=2 hl=2 l= 13 cons: SET
> 320:d=3 hl=2 l= 11 cons: SEQUENCE
> 322:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 327:d=4 hl=2 l= 4 prim: PRINTABLESTRING :TSYS
> 333:d=2 hl=2 l= 38 cons: SET
> 335:d=3 hl=2 l= 36 cons: SEQUENCE
> 337:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 342:d=4 hl=2 l= 29 prim: PRINTABLESTRING
> :TDS-2-Dallas-SCA-v2PmB4cxayEu
> 373:d=2 hl=2 l= 25 cons: SET
> 375:d=3 hl=2 l= 23 cons: SEQUENCE
> 377:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 382:d=4 hl=2 l= 16 prim: PRINTABLESTRING :ssl3.vitalps.net
> 400:d=1 hl=4 l= 290 cons: SEQUENCE
> 404:d=2 hl=2 l= 13 cons: SEQUENCE
> 406:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 417:d=3 hl=2 l= 0 prim: NULL
> 419:d=2 hl=4 l= 271 prim: BIT STRING
> 694:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 698:d=2 hl=4 l= 353 cons: SEQUENCE
> 702:d=3 hl=2 l= 9 cons: SEQUENCE
> 704:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic
> Constraints 709:d=4 hl=2 l= 2 prim: OCTET STRING [HEX
> DUMP]:3000 713:d=3 hl=2 l= 97 cons: SEQUENCE
> 715:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies 720:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 812:d=3 hl=2 l= 43 cons: SEQUENCE
> 814:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL
> Distribution Points
> 819:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 857:d=3 hl=2 l= 29 cons: SEQUENCE
> 859:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
> Usage 864:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 888:d=3 hl=2 l= 14 cons: SEQUENCE
> 890:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 895:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 898:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 904:d=3 hl=2 l= 87 cons: SEQUENCE
> 906:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access 916:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 993:d=3 hl=2 l= 27 cons: SEQUENCE
> 995:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative Name
> 1000:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821073736C332E766974616C70732E6E6574
> 1022:d=3 hl=2 l= 31 cons: SEQUENCE
> 1024:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 1029:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>
> MIIEG6ADAgECAhAvxQiuH6AFZs0JV0GBpGx7MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcTCENvbHVtYnVzMQ0wCwYDVQQKEwRUU1lTMSYwJAYDVQQL
> Ex1URFMtMi1EYWxsYXMtU0NBLXYyUG1CNGN4YXlFdTEZMBcGA1UEAxMQc3NsMy52aXRhbHBzLm5l
> dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALsySNCCFICJMRLTsgByyGZM4zXNijK4
> 6btR22h40+G9clnoUWIPPvpPM3ZHiZ7
> +CJe0xCZGFvPlQkc1R8wUV/YroP2pyQfQ0jehUCzfY4Wk dROIfXW3ZpvInDj
> +45NWbUR3Zf4xgolXTNlKS3FjROKnH+QPXgevypFpUFY7+j6Q1+onuTcj5tkb
> nt9UYqyUjSV2uQicwHnUuReyWcNLftcpfYzFK5aRXaU5V0lfjW/Ee8SF8PljmVQt8t45jGqMFY1T
> HAH1Fl+QEdvOGLXBW6nmkuDTeS6RYmhEYUlIbpbPsHGESo+
> +DdPYvDcMmh881MvY5Fs4wfHgqcNa
> aaQNmlcCAwEAAaOCAWUwggFhMAkGA1UdEwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr
> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9k
> LnN5bWNiLmNvbS9ycGEwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9zZS5j
> cmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDBXBggrBgEF
> BQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0
> dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3J0MBsGA1UdEQQUMBKCEHNzbDMudml0YWxwcy5uZXQwHwYD
> VR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALU=
>
> ----------
>
>
>
>
More information about the Public
mailing list