[cabfpub] Application for SHA-1 Issuance
Rob Stradling
rob.stradling at comodo.com
Mon Jul 25 09:25:08 UTC 2016
On 23/07/16 01:28, Dean Coclin wrote:
> Thanks, is there another comment, or are you ok?
Hi Dean. I had one other comment.
"Did Symantec consider Ryan's offer to help with generating the serial
numbers according to a rigid construction? If not, why not?"
Thanks.
> -----Original Message-----
> From: Rob Stradling [mailto:rob.stradling at comodo.com]
> Sent: Friday, July 22, 2016 7:57 PM
> To: Dean Coclin <Dean_Coclin at symantec.com>; CABFPub <public at cabforum.org>
> Subject: Re: [cabfpub] Application for SHA-1 Issuance
>
> On 23/07/16 00:25, Rob Stradling wrote:
>> Dean,
>>
>> I was pleased to see that you'd used PrintableStrings in your previous
>> batch of TBSCertificates for TSYS, but it's disappointing to see
>> T61Strings in this new batch.
>
> Please ignore that comment. It's been pointed out to me that, since the
> Existing Certificates used T61Strings, the new certs should use
> T61Strings too.
>
> "Existing Certificate Information
>
> Ideally the proposed tbsCertificate should correspond to an Existing
> Certificate logged in at least two Certificate Transparency logs trusted
> by one or more Application Software Suppliers, with an audit proof to a
> Signed Tree Head with a timestamp prior to 1st January 2016 and
> differing only by:
> - signature AlgorithmIdentifier
> - Serial Number, which must have at least 60 bits of entropy
> - Validity, which must have a notAfter on or before 31st December 2016"
>
>> Did Symantec consider Ryan's offer to help with generating the serial
>> numbers according to a rigid construction? If not, why not?
>>
>> Thanks.
>>
>> On 22/07/16 23:55, Dean Coclin wrote:
>>> Based on feedback from the community, TSYS and Symantec have created new
> TBS
>>> certificates. These use existing keys and do not contain the
> miscellaneous
>>> characters in the OU that the others contained (and were explained by
> TSYS).
>>> These TBSCertificates have the same public keys from the existing
>>> certificates on which they're based, and should differ only in serial
> number
>>> and dates
>>>
>>> You will notice there are only 7 certificates instead of 8 due to a
> change
>>> TSYS made in early 2016 to align dates into August for Expiration. Most
>>> servers have a Dallas and a Reston version; for one server they
> duplicated
>>> one private key and cert so there's only one cert for both sites.
>>>
>>> To reconstitute the TBSCertificate in binary DER form, use the Linux
>>> command:
>>> base64 --decode > tbs.der
>>> Then paste in a block of text from below, followed by an EOF (control-D).
>>>
>>> ----------------------------------------
>>>
>>> ssl1.tsysacquiring.net (based on https://crt.sh/?id=12924024)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFOjCCBCKgAwIBAgIQfN9GpTEgg8dMV3KfmuboLjANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxNTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowdzELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtUmVzdG9uMR8wHQYDVQQDFBZzc2wxLnRzeXNhY3F1aXJp
>>> bmcubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vbHdGqwEWy0
>>> qmpyRlZuZbygE68fAxGrWUqow2YIo2PlVKX74sBC+hK7e7AYpM8P2mueLbbUCjBJ
>>> ChIiMLdaQfL9L9ZchoMi0YS3O7cFVFfg7i8BKZ5L4JCisqYVZnT8pJgVMd/Hvqqw
>>> 2xLx3pddQzBUK0D4VdJBcDVbyD4/j5/vGe9PUfBBJE/xmDa6T/k+ZH2PtcJ4/eWt
>>> mfrtl1Ncz2/vLXg2v+FZLYVc1eQSgyFci0OEmxrK2oNa9OPXDQIO/cjLCxUP4g7I
>>> E7U0MSx6lzbLgSR8V1UPlsw2kkZgPUD7JAAITJ5cCcJKx0zT+CZYIjs71kJL7Ne5
>>> 7i9fWw6H/QIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWc3NsMS50c3lzYWNxdWly
>>> aW5nLm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggr
>>> BgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG
>>> +EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYI
>>> KwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU
>>> 15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3Nl
>>> LnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
>>> dHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>> Y29tL3NlLmNydDANBgkqhkiG9w0BAQUFAAOCAQEATTAL5DkwpxAeLc9PtdLkpQj0
>>> saugkQNsGgtc6PKtxqBF4Slh4Aylnsve2MwDRDj2FNTCO+rUkNzrBSnSXTKnwfkD
>>> yM1ymuNqECv9+zHEMo8PNPWq4BNs2YSY6Ri+wH1eXHum+sDiizk2whWniBVYWdiY
>>> Yn7aRX8bsiWkjwDWeseHfNzv6KIO/7esmsz8LXyf9qz3OWi++CX4fVEf/0PAbEEE
>>> 3nU00fjS77TfC5A5hW991jzvJ8vpvaTHVuh0g+0JhMNpQJljrS0Nq5cOvLLjGkx+
>>> vH5d+6Adgjl2C0T76rc6I7PEi+489IoWHXEBSE21JBNu7wZ4Q/KFYI1/EZg1VA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1043 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :70125CA8AAEDC172C8E50707B493E30D
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 119 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Reston
>>> 353:d=2 hl=2 l= 31 cons: SET
>>> 355:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 22 prim: T61STRING :ssl1.tsysacquiring.net
>>> 386:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 390:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 392:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 403:d=3 hl=2 l= 0 prim: NULL
>>> 405:d=2 hl=4 l= 271 prim: BIT STRING
>>> 680:d=1 hl=4 l= 363 cons: cont [ 3 ]
>>> 684:d=2 hl=4 l= 359 cons: SEQUENCE
>>> 688:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 690:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 695:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 699:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 701:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 706:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 798:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 800:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 805:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 843:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 845:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 850:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 874:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 876:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 881:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 884:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 890:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 892:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 902:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 979:d=3 hl=2 l= 33 cons: SEQUENCE
>>> 981:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 986:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
>>> DUMP]:3018821673736C312E74737973616371756972696E672E6E6574
>>> 1014:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1016:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1021:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEE6ADAgECAhBwElyoqu3BcsjlBwe0k+MNMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjB3MQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
> ClREUy1SZXN0b24xHzAdBgNVBAMUFnNzbDEudHN5c2FjcXVpcmluZy5uZXQwggEiMA0GCSqGSIb3
>>>
> DQEBAQUAA4IBDwAwggEKAoIBAQDq9sd0arARbLSqanJGVm5lvKATrx8DEatZSqjDZgijY+VUpfvi
>>>
> wEL6Ert7sBikzw/aa54tttQKMEkKEiIwt1pB8v0v1lyGgyLRhLc7twVUV+DuLwEpnkvgkKKyphVm
>>>
> dPykmBUx38e+qrDbEvHel11DMFQrQPhV0kFwNVvIPj+Pn+8Z709R8EEkT/GYNrpP+T5kfY+1wnj9
>>>
> 5a2Z+u2XU1zPb+8teDa/4VkthVzV5BKDIVyLQ4SbGsrag1r049cNAg79yMsLFQ/iDsgTtTQxLHqX
>>>
> NsuBJHxXVQ+WzDaSRmA9QPskAAhMnlwJwkrHTNP4JlgiOzvWQkvs17nuL19bDof9AgMBAAGjggFr
>>>
> MIIBZzAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBz
>>>
> Oi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
>>>
> MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQG
>>>
> CCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsG
>>>
> AQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>>
> Y29tL3NlLmNydDAhBgNVHREEGjAYghZzc2wxLnRzeXNhY3F1aXJpbmcubmV0MB8GA1UdIwQYMBaA
>>> FNebfNgioBX33a1fzimbWMO8RgC1
>>>
>>>
>>> -----------------------------------
>>>
>>> ssl1.tsysacquiring.net (based on https://crt.sh/?id=10997968)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFOjCCBCKgAwIBAgIQKlr28BNu+jfBjcv9eaAkzDANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowdzELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtRGFsbGFzMR8wHQYDVQQDFBZzc2wxLnRzeXNhY3F1aXJp
>>> bmcubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFQ4i7PVKE+3
>>> fJYa90a+kECKexeIqLIipcsTlnR0waBd318Y7MMwbBWy+NxSq082vYdQRWPChf5D
>>> 5SLjgJRc3V/XaJqu9kvFi9a5LzLRZV+Vi5cQ37jrLlVT5vyGv7xROM+zi1aSXUsM
>>> Ipu53YDlXLrJm5vsEOx6+htCo3JYoi/bWjL0XQc1hyynk/GW1HQudVAIFIBiyfvs
>>> ifl6YEFx3uXFzbA8hNNWoFg1el7wOmjgqeGCzFn6dMULC+YbbS0SKeeK8O+4q6D2
>>> 5N4jx4FkPWL0wPb4LHKzDi9IdRJQD8Z1UQaw812CSbpLOCVtZKwKY43ZvSOlx/e1
>>> vbyru/jdXwIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWc3NsMS50c3lzYWNxdWly
>>> aW5nLm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggr
>>> BgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG
>>> +EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYI
>>> KwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU
>>> 15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3Nl
>>> LnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
>>> dHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>> Y29tL3NlLmNydDANBgkqhkiG9w0BAQUFAAOCAQEAll6VCK9oIi2VS47wXawNL4a5
>>> 2xcWV5efKafdXzfI/CM/cOKaBnhEgpx+cUyPLkwO/2zYiO6nho18LAYsOCJyU5cB
>>> +sHmJ8h035IP20LEE6ddiL3DrfCD3bXg04+ATs28W1mhdNsbcsSqtF6FG2hyi1dy
>>> 8/BR62rutvyC5OuZP32cXZZgJu8xGwIQxtmzrYqG2WUPA05A8zPImQcj8KeJUM/e
>>> AusFQKu5VVxycH8OQb6U6P90H9Zf5W7nzAo2c+wZEx26CMTWqDKhWr58MnehGU9Q
>>> W+1glt+DKwHznztq3UQuDF6xuHBbzVbau4VqBAWjRE1gM718xuBLwsRtDSIAWA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1043 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :20924C61364BC9860739A65E150F40E2
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 119 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Dallas
>>> 353:d=2 hl=2 l= 31 cons: SET
>>> 355:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 22 prim: T61STRING :ssl1.tsysacquiring.net
>>> 386:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 390:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 392:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 403:d=3 hl=2 l= 0 prim: NULL
>>> 405:d=2 hl=4 l= 271 prim: BIT STRING
>>> 680:d=1 hl=4 l= 363 cons: cont [ 3 ]
>>> 684:d=2 hl=4 l= 359 cons: SEQUENCE
>>> 688:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 690:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 695:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 699:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 701:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 706:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 798:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 800:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 805:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 843:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 845:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 850:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 874:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 876:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 881:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 884:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 890:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 892:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 902:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 979:d=3 hl=2 l= 33 cons: SEQUENCE
>>> 981:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 986:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
>>> DUMP]:3018821673736C312E74737973616371756972696E672E6E6574
>>> 1014:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1016:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1021:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEE6ADAgECAhAgkkxhNkvJhgc5pl4VD0DiMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjB3MQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
> ClREUy1EYWxsYXMxHzAdBgNVBAMUFnNzbDEudHN5c2FjcXVpcmluZy5uZXQwggEiMA0GCSqGSIb3
>>>
> DQEBAQUAA4IBDwAwggEKAoIBAQDAVDiLs9UoT7d8lhr3Rr6QQIp7F4iosiKlyxOWdHTBoF3fXxjs
>>>
> wzBsFbL43FKrTza9h1BFY8KF/kPlIuOAlFzdX9domq72S8WL1rkvMtFlX5WLlxDfuOsuVVPm/Ia/
>>>
> vFE4z7OLVpJdSwwim7ndgOVcusmbm+wQ7Hr6G0KjcliiL9taMvRdBzWHLKeT8ZbUdC51UAgUgGLJ
>>>
> ++yJ+XpgQXHe5cXNsDyE01agWDV6XvA6aOCp4YLMWfp0xQsL5httLRIp54rw77iroPbk3iPHgWQ9
>>>
> YvTA9vgscrMOL0h1ElAPxnVRBrDzXYJJuks4JW1krApjjdm9I6XH97W9vKu7+N1fAgMBAAGjggFr
>>>
> MIIBZzAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBz
>>>
> Oi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
>>>
> MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQG
>>>
> CCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsG
>>>
> AQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>>
> Y29tL3NlLmNydDAhBgNVHREEGjAYghZzc2wxLnRzeXNhY3F1aXJpbmcubmV0MB8GA1UdIwQYMBaA
>>> FNebfNgioBX33a1fzimbWMO8RgC1
>>>
>>>
>>> ----------------------------------------
>>>
>>> ssl1.vitalps.net (based on https://crt.sh/?id=4858491)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQZpoeO9e+TCIqp+k4zN0aVDANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtUmVzdG9uMRkwFwYDVQQDFBBzc2wxLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmVKgzsstUaQEW8Ab0bx
>>> xP3NXPUIzGq8pF2lriBAMlYPVI+Y/sUvZxQk5BYcxRQI3Ux+A0EzN4EbYB3ib9up
>>> uu1ORyYjJksGAuMzZz4ovkKc64FCbH/ceBGjd6UOjYEbxrnysX3nNevP1ROUW5YT
>>> hrMqLuyoBeK1YvWCUeieXe2A9ysAbF2J2VNaJvtMkMMUrpW3alrkU9pf3re9M68Y
>>> dp3jJDR7GiKvNTB7r8fvpCmkImTC//Q9vrvLYUU4Tl6d++gCxLs2Q1pa+mUqr6f8
>>> fgSwRTNdzzsUV0eLv2+Ugpki823Hl2zgwuv6XM/rD1/B+B9Yk7j+tkstrzsQYVZ1
>>> TQIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMS52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEACASjUqP+m3+AFB3Ll53kgxpaASFCLbd29Z1X59gR
>>> 3fgAUyNL8fLEgKwrBC30b5JDpgMXHSJffx0UvZyVUYEJRPvXlfGdkfIfux+afgWr
>>> raXn7PqW5UK4k4wc/iXv19vB1jXEUKNzHMDn5m08g8PAiuhLslInRPO/zUKafVTw
>>> PN2je9okqA0opoLpuQbZfkXVmrPag1z1tRaHQ4Es0qm6s0hg9N/Cac++wncO3DzG
>>> ZgzkbTbDmt2/OQ0na0goKJxEQanClzq20+oOrP0joIKDJZi4C89duukF1PXIGYLG
>>> FVqc0amgbylgiJfZ5aspHG7wydjEToBQmRvqPAZTABZnxA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :03F1C7694784FFDE1F72888DD69F6319
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Reston
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl1.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C312E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEB6ADAgECAhAD8cdpR4T/3h9yiI3Wn2MZMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
> ClREUy1SZXN0b24xGTAXBgNVBAMUEHNzbDEudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
> A4IBDwAwggEKAoIBAQCeZUqDOyy1RpARbwBvRvHE/c1c9QjMarykXaWuIEAyVg9Uj5j+xS9nFCTk
>>>
> FhzFFAjdTH4DQTM3gRtgHeJv26m67U5HJiMmSwYC4zNnPii+QpzrgUJsf9x4EaN3pQ6NgRvGufKx
>>>
> fec168/VE5RblhOGsyou7KgF4rVi9YJR6J5d7YD3KwBsXYnZU1om+0yQwxSulbdqWuRT2l/et70z
>>>
> rxh2neMkNHsaIq81MHuvx++kKaQiZML/9D2+u8thRThOXp376ALEuzZDWlr6ZSqvp/x+BLBFM13P
>>>
> OxRXR4u/b5SCmSLzbceXbODC6/pcz+sPX8H4H1iTuP62Sy2vOxBhVnVNAgMBAAGjggFlMIIBYTAJ
>>>
> BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
> eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
> HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
> BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
> hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
> LmNydDAbBgNVHREEFDASghBzc2wxLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> --------------------------------------------
>>>
>>> ssl1.vitalps.net (based on https://crt.sh/?id=4858607)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQaekgbaF9jW5PDVLXvSSXqDANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtRGFsbGFzMRkwFwYDVQQDFBBzc2wxLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD1KH2N5/9LQCnShT3mK
>>> Z39xXfZpmYZi8RdhG/MKqDxyZKrplObaYdDQrmOLefa0wPSJYcQQY4/cSJdwBqOr
>>> 1sIRQjYl92EQXGPJOSDh7Le4huxtVVXHwpKxpHe4QtVWQ9mmSiuScsofrMq2UhX2
>>> RhdDRJISrbGSUsUWkCF/23GRslgTcfCTeK4682Rc9csjAkL8ICxiKarjQ2W2iygJ
>>> 8EyfJnJB38AwXhA2F8IVtkXAkKhj90PH5kImlODqF2VSHSSSpgunEpngX3eld0yk
>>> Z0BjhYqdnKozWc1FPWursDqKABOHOUcvW4KDdF8aIe+FNoEpbOibLEJ15539DKCQ
>>> xQIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMS52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAKhkEu8si6mFNJrQFsX3XE/TiA6xt23N9A/ZwaZHY
>>> JyTemPmzLYPb189Y2RusZcM/kpyzewJtaBZTEiBMcA/nfiqB2kWGNxZf4MBe6zxO
>>> 2+ua3XP/6Ab5DugSGYrIu8uoEZUIW9TnNIhlfzoVHgmC/6PfgBIGYsXKVqRv3rbd
>>> 1EmcmRMSLIZjoXUK3I1UkWIGJSFuDzp4mYR77uw0udTDNqBr6WmKucJ+Sl/BQqjt
>>> A9urWU+ajhqWqJVR1q0/saKQey4/TpfTNzdWSYXcgE4A0zYf/wNB5HnYIkgzOUiY
>>> Ii4HSFH/CTyOqrDLIugM9acjZT/A0YS8ZwMQxZ1N3tfr7Q==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :0EB922276261F1D9C7843749E32235B7
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Dallas
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl1.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C312E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEB6ADAgECAhAOuSInYmHx2ceEN0njIjW3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
> ClREUy1EYWxsYXMxGTAXBgNVBAMUEHNzbDEudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
> A4IBDwAwggEKAoIBAQC0PUofY3n/0tAKdKFPeYpnf3Fd9mmZhmLxF2Eb8wqoPHJkqumU5tph0NCu
>>>
> Y4t59rTA9IlhxBBjj9xIl3AGo6vWwhFCNiX3YRBcY8k5IOHst7iG7G1VVcfCkrGkd7hC1VZD2aZK
>>>
> K5Jyyh+syrZSFfZGF0NEkhKtsZJSxRaQIX/bcZGyWBNx8JN4rjrzZFz1yyMCQvwgLGIpquNDZbaL
>>>
> KAnwTJ8mckHfwDBeEDYXwhW2RcCQqGP3Q8fmQiaU4OoXZVIdJJKmC6cSmeBfd6V3TKRnQGOFip2c
>>>
> qjNZzUU9a6uwOooAE4c5Ry9bgoN0Xxoh74U2gSls6JssQnXnnf0MoJDFAgMBAAGjggFlMIIBYTAJ
>>>
> BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
> eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
> HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
> BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
> hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
> LmNydDAbBgNVHREEFDASghBzc2wxLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> ----------------------------------------------
>>>
>>> ssl3.vitalps.net (based on https://crt.sh/?id=24732908)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQZ+KRKfjS6C/HFeLNU6FfljANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE1MDgwNDAwMDAwMFoXDTE2MDgwMzIzNTk1OVowdTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRcwFQYDVQQLFA5URFMtUE1OX0RhbGxhczEZMBcGA1UEAxQQc3NsMy52aXRhbHBz
>>> Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjTwLC8aVNGKOve
>>> eaa3TjQRO2CeYlkLAn5Ayk+L4EO+CR+2x9+1Vc8tJ+13/+oP+vA+hNtMnvZ3FREs
>>> tA2x1u89v3OWj88E0HUtmA8aPYUpTYeFJVf3j0AUE9KZ02IiXzPyLimJst2wgF4m
>>> /TtmN3BPczcAnWX+6UN7ygpc/AFodgAJs82tZsm9rRSrgqNe3z5ZOFPDa2Tj+QPU
>>> fKEw3mORc0dwgIdKbdCRNrs7UkymV54a1A3p55j99CD+Byid7Lc9PzJe1XscJlfJ
>>> 5gtXcKWRyhRY7e9W5QQ+s4yVDZxvnoAcoAo0yldaSMDrEktPNg7Ydslg0XQYMA+W
>>> w2uexxMCAwEAAaOCAXAwggFsMBsGA1UdEQQUMBKCEHNzbDMudml0YWxwcy5uZXQw
>>> CQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwKAYDVR0lBCEwHwYIKwYBBQUHAwEG
>>> CCsGAQUFBwMCBglghkgBhvhCBAEwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAKuvE4RJZc0cjPjkVRbhQWTYYrKjJ/1BYxmNszNTM
>>> P+3rUb3I2k4+UoczYjf/F/qaK9AL5TSopVcn2ds5EnFoKJtpvF/gF6PK1OUM4ViX
>>> jOPQFvycZ+mR8JXcvZJVFZVNZ+RahkPKJShIzryj2ktvci/yX8K2asNCE4BjVDAs
>>> 1p5mTz4RcjofgCxDy0KYd/d/rGfbA1fNli8nL92UuuzzU+EqrQM3im3iAqlNZSDO
>>> XjXxTEqnkrylTnMmzf4aIgz8OxUEvsZmkq5UXySd778kt5oJ3I7URe6NhDJjBCR4
>>> VgFSirUTR0Y7lAkNDZ8x+2S7S0SoR6mi9BtxhWP+EFbVWw==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1035 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :426F395EE8DCEF5C9123F0FDA116B040
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 117 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 23 cons: SET
>>> 334:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 14 prim: T61STRING :TDS-PMN_Dallas
>>> 357:d=2 hl=2 l= 25 cons: SET
>>> 359:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 361:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 366:d=4 hl=2 l= 16 prim: T61STRING :ssl3.vitalps.net
>>> 384:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 388:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 390:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 401:d=3 hl=2 l= 0 prim: NULL
>>> 403:d=2 hl=4 l= 271 prim: BIT STRING
>>> 678:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 682:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 686:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 688:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 693:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 697:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 699:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 704:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 796:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 798:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 803:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 841:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 843:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 848:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 872:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 874:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 879:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 882:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 888:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 890:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 900:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 977:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 979:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 984:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C332E766974616C70732E6E6574
>>> 1006:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1008:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1013:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEC6ADAgECAhBCbzle6NzvXJEj8P2hFrBAMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjB1MQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxFzAVBgNVBAsU
>>>
> DlREUy1QTU5fRGFsbGFzMRkwFwYDVQQDFBBzc2wzLnZpdGFscHMubmV0MIIBIjANBgkqhkiG9w0B
>>>
> AQEFAAOCAQ8AMIIBCgKCAQEAuNPAsLxpU0Yo6955prdONBE7YJ5iWQsCfkDKT4vgQ74JH7bH37VV
>>>
> zy0n7Xf/6g/68D6E20ye9ncVESy0DbHW7z2/c5aPzwTQdS2YDxo9hSlNh4UlV/ePQBQT0pnTYiJf
>>>
> M/IuKYmy3bCAXib9O2Y3cE9zNwCdZf7pQ3vKClz8AWh2AAmzza1myb2tFKuCo17fPlk4U8NrZOP5
>>>
> A9R8oTDeY5FzR3CAh0pt0JE2uztSTKZXnhrUDennmP30IP4HKJ3stz0/Ml7VexwmV8nmC1dwpZHK
>>>
> FFjt71blBD6zjJUNnG+egBygCjTKV1pIwOsSS082Dth2yWDRdBgwD5bDa57HEwIDAQABo4IBZTCC
>>>
> AWEwCQYDVR0TBAIwADBhBgNVHSAEWjBYMFYGBmeBDAECAjBMMCMGCCsGAQUFBwIBFhdodHRwczov
>>>
> L2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAr
>>>
> BgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNybDAdBgNVHSUEFjAUBggr
>>>
> BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMFcGCCsGAQUFBwEBBEswSTAfBggrBgEF
>>>
> BQcwAYYTaHR0cDovL3NlLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NlLnN5bWNiLmNv
>>>
> bS9zZS5jcnQwGwYDVR0RBBQwEoIQc3NsMy52aXRhbHBzLm5ldDAfBgNVHSMEGDAWgBTXm3zYIqAV
>>> 992tX84pm1jDvEYAtQ==
>>>
>>>
>>> -------------------------------------------
>>>
>>> ssl2.vitalps.net (based on a cert not logged in crt.sh)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQFW3Uf33gwGxNETp8o3IHkzANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtUmVzdG9uMRkwFwYDVQQDFBBzc2wyLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7SWO9dIJIhhj27rPAFf
>>> DFQNzCB9op6vy8kw566fo7hwRRA3qqTts6tsjsw7qLzblX2wu4vSNkpmCUqbxKge
>>> KUGWdxzth7KctXn1MlKA15uSMxkXjlKe7d25MoImWLcZA/sXVGReATzpR0kaXujy
>>> 7k2prk5hOZY/PaIc6270PuFh6gukXiaDf7eAIvijS40V4xll52L0WhpjIMaDXnTo
>>> WkDbGXH6YqT/IritvAGM2IRZPWrhE2YrvDlwVoXnkxPGlT9is5kDkBJ02OZYTd7/
>>> BuRZO9GR1tQY8esd2KQw5KQlFIaW5wXaNTXRlJ3R+13oAzsrq51kPVeUbhzkJ5Ce
>>> 6QIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMi52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAVwlUXrDLP2LKmX8PmscxPv1k8pzUmOB2XRegkWLj
>>> D1Bsc1U/FbuVWlgkg8aIeqm1yqwnX/b/67Jlop1kOxGcTXgl9TA5uQSYRSWqejFO
>>> 1CsM56ScFHFuW76EhXHUX36tqRF+MSPcMRr8lWA1DJQeNKmdjfPYvwUggnkH5/rm
>>> yRZk0OSRhpQTrCuYTq1xFuS+tyKiYnq6ocaQwDfbD+nvvzVf8x8qvPFt61HMzUzP
>>> ydVKbv2QwAQBjy0dUxEkJ6O8hnK1hU8F3qc4wRu+Ge1ofSdfssyWjYLFI66IRBTD
>>> 2XmvyE9c680wPZv90uHz9eWBR7yGF1hP0V8fXsM4ldJksA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :7CD54ACFA6E1738BA8449A38CA09BE1E
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Reston
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl2.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C322E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEB6ADAgECAhB81UrPpuFzi6hEmjjKCb4eMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
> ClREUy1SZXN0b24xGTAXBgNVBAMUEHNzbDIudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
> A4IBDwAwggEKAoIBAQCztJY710gkiGGPbus8AV8MVA3MIH2inq/LyTDnrp+juHBFEDeqpO2zq2yO
>>>
> zDuovNuVfbC7i9I2SmYJSpvEqB4pQZZ3HO2Hspy1efUyUoDXm5IzGReOUp7t3bkygiZYtxkD+xdU
>>>
> ZF4BPOlHSRpe6PLuTamuTmE5lj89ohzrbvQ+4WHqC6ReJoN/t4Ai+KNLjRXjGWXnYvRaGmMgxoNe
>>>
> dOhaQNsZcfpipP8iuK28AYzYhFk9auETZiu8OXBWheeTE8aVP2KzmQOQEnTY5lhN3v8G5Fk70ZHW
>>>
> 1Bjx6x3YpDDkpCUUhpbnBdo1NdGUndH7XegDOyurnWQ9V5RuHOQnkJ7pAgMBAAGjggFlMIIBYTAJ
>>>
> BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
> eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
> HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
> BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
> hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
> LmNydDAbBgNVHREEFDASghBzc2wyLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> ---------------------------------------------
>>>
>>> ssl2.vitalps.net (based https://crt.sh/?id=24732905)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQC2txgNGyPR3F31kjsev70TANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtRGFsbGFzMRkwFwYDVQQDFBBzc2wyLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7h6ItxaeRllDNDzqJSD
>>> 6YxRZ/IQjGMAJGSq3vIwo8rof17S2PdtMFZpHA4G0ueZJm0cVcNKprJ1M5ykwzVo
>>> fc+i1z3DjmlxSK4HjL9B6vDuUQGLgasYrvR3pAosKGkucQQW0/mFWpOKwrpXfYss
>>> zAIgLc0bU1QJHKF14re6FRo1sX4JxU0xlaK/+Q0kdUQVPYdG4A57Uvz7C1/u9/Jt
>>> vP+1OKxn0fEwclZa9Hug4yi9llLjEHNHs0sPc2g/2nFmBOSpzUutnr8oqomgM0Of
>>> UhgFmPbsRZ0jzYxR0HZ7RQ+Eg3UJcDwQqmp14iw2dWAJKbmVsdOy8FT6TGOk9Paz
>>> HQIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMi52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAZGQ7qWXzrHZbrnJBbcy8vtTxfz6ScUpmdhNsHtqA
>>> zibYmUerfme6vcfI+a3RntUdeh2bP/g28hWsJeUOBWOH2jewa9SvFDWeA+an2ICO
>>> qK1aFEM2zbJxRoSmFYNwogISVhNWs895zGyQEGcfSHhh8R+PTZdu1AoSgZ33RKc/
>>> mhnVyr1aLdymLzQ+hz4D5j2qVyO3JqJjrqiQKxFKsp/AOVU/UCeWjSumcd2Ff6fw
>>> VL6TvBa+QGnHFFFzUadkyf8LjGTFxwN65Ft4Rd/EcI+6hrfLn8ivJ+sh616wesB4
>>> OvX9A29d6wJqVPIL9vmD8l+4akKpFZi0rLtb5e6FmpWy1Q==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :1A7737CFE654ED95E0B42A90DB357BB9
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Dallas
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl2.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C322E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
> MIIEB6ADAgECAhAadzfP5lTtleC0KpDbNXu5MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
> IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
> A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
> ClREUy1EYWxsYXMxGTAXBgNVBAMUEHNzbDIudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
> A4IBDwAwggEKAoIBAQC3uHoi3Fp5GWUM0POolIPpjFFn8hCMYwAkZKre8jCjyuh/XtLY920wVmkc
>>>
> DgbS55kmbRxVw0qmsnUznKTDNWh9z6LXPcOOaXFIrgeMv0Hq8O5RAYuBqxiu9HekCiwoaS5xBBbT
>>>
> +YVak4rCuld9iyzMAiAtzRtTVAkcoXXit7oVGjWxfgnFTTGVor/5DSR1RBU9h0bgDntS/PsLX+73
>>>
> 8m28/7U4rGfR8TByVlr0e6DjKL2WUuMQc0ezSw9zaD/acWYE5KnNS62evyiqiaAzQ59SGAWY9uxF
>>>
> nSPNjFHQdntFD4SDdQlwPBCqanXiLDZ1YAkpuZWx07LwVPpMY6T09rMdAgMBAAGjggFlMIIBYTAJ
>>>
> BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
> eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
> HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
> BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
> hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
> LmNydDAbBgNVHREEFDASghBzc2wyLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> -----Original Message-----
>>> From: public-bounces at cabforum.org
>>> Sent: Friday, July 15, 2016 7:48 PM
>>>
>>> Subject: [cabfpub] Application for SHA-1 Issuance
>>>
>>> Enclosed please find the application for SHA-1 issuance presented on
> behalf
>>> of our client. Note that the application was fully completed by the
> client.
>>>
>>> In addition, please find the TBS certificates generated by Symantec.
>>>
>>> Accompanying each TBSCertificate is a crt.sh link to the corresponding
> SHA-2
>>> certificate issued by our online system as a prerequisite, so that we
>>> capture evidence of authentication and verification of the information in
>>> the certificate. The TBSCertificates differ from these certificates by
>>> Issuer name, because our online systems can sign only with SHA-2 issuers.
>>> And since the Issuer name is different, corresponding extensions (CDP,
> AIA,
>>> AKI) are different as well.
>>>
>>> The TBSCertificates do not include public keys from older CT-logged
>>> certificates; they include public keys that correspond to private keys
> that
>>> were recently generated on the servers and that await the approval of
> these
>>> requests. The customer uses a CDN that uses OpenSSL to generate key pairs
>>> from a secure server. A separate secure server is used for private key
>>> pass-phrase retention.
>>>
>>> As this is the first time this is being done, there may be follow-up
>>> questions or items that were inadvertently omitted which we are happy to
>>> address.
>>>
>>> We ask that the community give good consideration to this request.
>>>
>>> One thing you will notice is the validity date extends to Feb 10, 2017.
> In
>>> the payment industry, 31 December is an absolutely horrible time to make
> a
>>> change as it represents one of the peak times for traffic. The client has
>>> aligned the date with the published Microsoft end date for SHA-1.
>>>
>>> Thank you,
>>>
>>> Dean Coclin
>>> Symantec
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list