[cabfpub] Application for SHA-1 Issuance
Dean Coclin
Dean_Coclin at symantec.com
Mon Jul 25 16:53:50 UTC 2016
In the interest of time, we chose to make as few changes as possible. Also
we didn't see strong consensus on the list that rigid construction of serial
numbers was required.
-----Original Message-----
From: Rob Stradling [mailto:rob.stradling at comodo.com]
Sent: Monday, July 25, 2016 5:25 AM
To: Dean Coclin <Dean_Coclin at symantec.com>; CABFPub <public at cabforum.org>
Subject: Re: [cabfpub] Application for SHA-1 Issuance
On 23/07/16 01:28, Dean Coclin wrote:
> Thanks, is there another comment, or are you ok?
Hi Dean. I had one other comment.
"Did Symantec consider Ryan's offer to help with generating the serial
numbers according to a rigid construction? If not, why not?"
Thanks.
> -----Original Message-----
> From: Rob Stradling [mailto:rob.stradling at comodo.com]
> Sent: Friday, July 22, 2016 7:57 PM
> To: Dean Coclin <Dean_Coclin at symantec.com>; CABFPub <public at cabforum.org>
> Subject: Re: [cabfpub] Application for SHA-1 Issuance
>
> On 23/07/16 00:25, Rob Stradling wrote:
>> Dean,
>>
>> I was pleased to see that you'd used PrintableStrings in your previous
>> batch of TBSCertificates for TSYS, but it's disappointing to see
>> T61Strings in this new batch.
>
> Please ignore that comment. It's been pointed out to me that, since the
> Existing Certificates used T61Strings, the new certs should use
> T61Strings too.
>
> "Existing Certificate Information
>
> Ideally the proposed tbsCertificate should correspond to an Existing
> Certificate logged in at least two Certificate Transparency logs trusted
> by one or more Application Software Suppliers, with an audit proof to a
> Signed Tree Head with a timestamp prior to 1st January 2016 and
> differing only by:
> - signature AlgorithmIdentifier
> - Serial Number, which must have at least 60 bits of entropy
> - Validity, which must have a notAfter on or before 31st December 2016"
>
>> Did Symantec consider Ryan's offer to help with generating the serial
>> numbers according to a rigid construction? If not, why not?
>>
>> Thanks.
>>
>> On 22/07/16 23:55, Dean Coclin wrote:
>>> Based on feedback from the community, TSYS and Symantec have created new
> TBS
>>> certificates. These use existing keys and do not contain the
> miscellaneous
>>> characters in the OU that the others contained (and were explained by
> TSYS).
>>> These TBSCertificates have the same public keys from the existing
>>> certificates on which they're based, and should differ only in serial
> number
>>> and dates
>>>
>>> You will notice there are only 7 certificates instead of 8 due to a
> change
>>> TSYS made in early 2016 to align dates into August for Expiration. Most
>>> servers have a Dallas and a Reston version; for one server they
> duplicated
>>> one private key and cert so there's only one cert for both sites.
>>>
>>> To reconstitute the TBSCertificate in binary DER form, use the Linux
>>> command:
>>> base64 --decode > tbs.der
>>> Then paste in a block of text from below, followed by an EOF
(control-D).
>>>
>>> ----------------------------------------
>>>
>>> ssl1.tsysacquiring.net (based on https://crt.sh/?id=12924024)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFOjCCBCKgAwIBAgIQfN9GpTEgg8dMV3KfmuboLjANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxNTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowdzELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtUmVzdG9uMR8wHQYDVQQDFBZzc2wxLnRzeXNhY3F1aXJp
>>> bmcubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vbHdGqwEWy0
>>> qmpyRlZuZbygE68fAxGrWUqow2YIo2PlVKX74sBC+hK7e7AYpM8P2mueLbbUCjBJ
>>> ChIiMLdaQfL9L9ZchoMi0YS3O7cFVFfg7i8BKZ5L4JCisqYVZnT8pJgVMd/Hvqqw
>>> 2xLx3pddQzBUK0D4VdJBcDVbyD4/j5/vGe9PUfBBJE/xmDa6T/k+ZH2PtcJ4/eWt
>>> mfrtl1Ncz2/vLXg2v+FZLYVc1eQSgyFci0OEmxrK2oNa9OPXDQIO/cjLCxUP4g7I
>>> E7U0MSx6lzbLgSR8V1UPlsw2kkZgPUD7JAAITJ5cCcJKx0zT+CZYIjs71kJL7Ne5
>>> 7i9fWw6H/QIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWc3NsMS50c3lzYWNxdWly
>>> aW5nLm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggr
>>> BgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG
>>> +EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYI
>>> KwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU
>>> 15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3Nl
>>> LnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
>>> dHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>> Y29tL3NlLmNydDANBgkqhkiG9w0BAQUFAAOCAQEATTAL5DkwpxAeLc9PtdLkpQj0
>>> saugkQNsGgtc6PKtxqBF4Slh4Aylnsve2MwDRDj2FNTCO+rUkNzrBSnSXTKnwfkD
>>> yM1ymuNqECv9+zHEMo8PNPWq4BNs2YSY6Ri+wH1eXHum+sDiizk2whWniBVYWdiY
>>> Yn7aRX8bsiWkjwDWeseHfNzv6KIO/7esmsz8LXyf9qz3OWi++CX4fVEf/0PAbEEE
>>> 3nU00fjS77TfC5A5hW991jzvJ8vpvaTHVuh0g+0JhMNpQJljrS0Nq5cOvLLjGkx+
>>> vH5d+6Adgjl2C0T76rc6I7PEi+489IoWHXEBSE21JBNu7wZ4Q/KFYI1/EZg1VA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1043 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :70125CA8AAEDC172C8E50707B493E30D
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 119 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Reston
>>> 353:d=2 hl=2 l= 31 cons: SET
>>> 355:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 22 prim: T61STRING :ssl1.tsysacquiring.net
>>> 386:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 390:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 392:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 403:d=3 hl=2 l= 0 prim: NULL
>>> 405:d=2 hl=4 l= 271 prim: BIT STRING
>>> 680:d=1 hl=4 l= 363 cons: cont [ 3 ]
>>> 684:d=2 hl=4 l= 359 cons: SEQUENCE
>>> 688:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 690:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 695:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 699:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 701:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 706:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 798:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 800:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 805:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 843:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 845:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 850:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 874:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 876:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 881:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 884:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 890:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 892:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 902:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 979:d=3 hl=2 l= 33 cons: SEQUENCE
>>> 981:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 986:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
>>> DUMP]:3018821673736C312E74737973616371756972696E672E6E6574
>>> 1014:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1016:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1021:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEE6ADAgECAhBwElyoqu3BcsjlBwe0k+MNMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjB3MQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
>
ClREUy1SZXN0b24xHzAdBgNVBAMUFnNzbDEudHN5c2FjcXVpcmluZy5uZXQwggEiMA0GCSqGSIb3
>>>
>
DQEBAQUAA4IBDwAwggEKAoIBAQDq9sd0arARbLSqanJGVm5lvKATrx8DEatZSqjDZgijY+VUpfvi
>>>
>
wEL6Ert7sBikzw/aa54tttQKMEkKEiIwt1pB8v0v1lyGgyLRhLc7twVUV+DuLwEpnkvgkKKyphVm
>>>
>
dPykmBUx38e+qrDbEvHel11DMFQrQPhV0kFwNVvIPj+Pn+8Z709R8EEkT/GYNrpP+T5kfY+1wnj9
>>>
>
5a2Z+u2XU1zPb+8teDa/4VkthVzV5BKDIVyLQ4SbGsrag1r049cNAg79yMsLFQ/iDsgTtTQxLHqX
>>>
>
NsuBJHxXVQ+WzDaSRmA9QPskAAhMnlwJwkrHTNP4JlgiOzvWQkvs17nuL19bDof9AgMBAAGjggFr
>>>
>
MIIBZzAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBz
>>>
>
Oi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
>>>
>
MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQG
>>>
>
CCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsG
>>>
>
AQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>>
>
Y29tL3NlLmNydDAhBgNVHREEGjAYghZzc2wxLnRzeXNhY3F1aXJpbmcubmV0MB8GA1UdIwQYMBaA
>>> FNebfNgioBX33a1fzimbWMO8RgC1
>>>
>>>
>>> -----------------------------------
>>>
>>> ssl1.tsysacquiring.net (based on https://crt.sh/?id=10997968)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFOjCCBCKgAwIBAgIQKlr28BNu+jfBjcv9eaAkzDANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowdzELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtRGFsbGFzMR8wHQYDVQQDFBZzc2wxLnRzeXNhY3F1aXJp
>>> bmcubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFQ4i7PVKE+3
>>> fJYa90a+kECKexeIqLIipcsTlnR0waBd318Y7MMwbBWy+NxSq082vYdQRWPChf5D
>>> 5SLjgJRc3V/XaJqu9kvFi9a5LzLRZV+Vi5cQ37jrLlVT5vyGv7xROM+zi1aSXUsM
>>> Ipu53YDlXLrJm5vsEOx6+htCo3JYoi/bWjL0XQc1hyynk/GW1HQudVAIFIBiyfvs
>>> ifl6YEFx3uXFzbA8hNNWoFg1el7wOmjgqeGCzFn6dMULC+YbbS0SKeeK8O+4q6D2
>>> 5N4jx4FkPWL0wPb4LHKzDi9IdRJQD8Z1UQaw812CSbpLOCVtZKwKY43ZvSOlx/e1
>>> vbyru/jdXwIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWc3NsMS50c3lzYWNxdWly
>>> aW5nLm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggr
>>> BgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG
>>> +EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYI
>>> KwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU
>>> 15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3Nl
>>> LnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
>>> dHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>> Y29tL3NlLmNydDANBgkqhkiG9w0BAQUFAAOCAQEAll6VCK9oIi2VS47wXawNL4a5
>>> 2xcWV5efKafdXzfI/CM/cOKaBnhEgpx+cUyPLkwO/2zYiO6nho18LAYsOCJyU5cB
>>> +sHmJ8h035IP20LEE6ddiL3DrfCD3bXg04+ATs28W1mhdNsbcsSqtF6FG2hyi1dy
>>> 8/BR62rutvyC5OuZP32cXZZgJu8xGwIQxtmzrYqG2WUPA05A8zPImQcj8KeJUM/e
>>> AusFQKu5VVxycH8OQb6U6P90H9Zf5W7nzAo2c+wZEx26CMTWqDKhWr58MnehGU9Q
>>> W+1glt+DKwHznztq3UQuDF6xuHBbzVbau4VqBAWjRE1gM718xuBLwsRtDSIAWA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1043 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :20924C61364BC9860739A65E150F40E2
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 119 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Dallas
>>> 353:d=2 hl=2 l= 31 cons: SET
>>> 355:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 22 prim: T61STRING :ssl1.tsysacquiring.net
>>> 386:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 390:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 392:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 403:d=3 hl=2 l= 0 prim: NULL
>>> 405:d=2 hl=4 l= 271 prim: BIT STRING
>>> 680:d=1 hl=4 l= 363 cons: cont [ 3 ]
>>> 684:d=2 hl=4 l= 359 cons: SEQUENCE
>>> 688:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 690:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 695:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 699:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 701:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 706:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230190C1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 798:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 800:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 805:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 843:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 845:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 850:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 874:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 876:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 881:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 884:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 890:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 892:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 902:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 979:d=3 hl=2 l= 33 cons: SEQUENCE
>>> 981:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 986:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
>>> DUMP]:3018821673736C312E74737973616371756972696E672E6E6574
>>> 1014:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1016:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1021:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEE6ADAgECAhAgkkxhNkvJhgc5pl4VD0DiMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjB3MQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
>
ClREUy1EYWxsYXMxHzAdBgNVBAMUFnNzbDEudHN5c2FjcXVpcmluZy5uZXQwggEiMA0GCSqGSIb3
>>>
>
DQEBAQUAA4IBDwAwggEKAoIBAQDAVDiLs9UoT7d8lhr3Rr6QQIp7F4iosiKlyxOWdHTBoF3fXxjs
>>>
>
wzBsFbL43FKrTza9h1BFY8KF/kPlIuOAlFzdX9domq72S8WL1rkvMtFlX5WLlxDfuOsuVVPm/Ia/
>>>
>
vFE4z7OLVpJdSwwim7ndgOVcusmbm+wQ7Hr6G0KjcliiL9taMvRdBzWHLKeT8ZbUdC51UAgUgGLJ
>>>
>
++yJ+XpgQXHe5cXNsDyE01agWDV6XvA6aOCp4YLMWfp0xQsL5httLRIp54rw77iroPbk3iPHgWQ9
>>>
>
YvTA9vgscrMOL0h1ElAPxnVRBrDzXYJJuks4JW1krApjjdm9I6XH97W9vKu7+N1fAgMBAAGjggFr
>>>
>
MIIBZzAJBgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBz
>>>
>
Oi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
>>>
>
MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQG
>>>
>
CCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsG
>>>
>
AQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2Iu
>>>
>
Y29tL3NlLmNydDAhBgNVHREEGjAYghZzc2wxLnRzeXNhY3F1aXJpbmcubmV0MB8GA1UdIwQYMBaA
>>> FNebfNgioBX33a1fzimbWMO8RgC1
>>>
>>>
>>> ----------------------------------------
>>>
>>> ssl1.vitalps.net (based on https://crt.sh/?id=4858491)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQZpoeO9e+TCIqp+k4zN0aVDANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtUmVzdG9uMRkwFwYDVQQDFBBzc2wxLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmVKgzsstUaQEW8Ab0bx
>>> xP3NXPUIzGq8pF2lriBAMlYPVI+Y/sUvZxQk5BYcxRQI3Ux+A0EzN4EbYB3ib9up
>>> uu1ORyYjJksGAuMzZz4ovkKc64FCbH/ceBGjd6UOjYEbxrnysX3nNevP1ROUW5YT
>>> hrMqLuyoBeK1YvWCUeieXe2A9ysAbF2J2VNaJvtMkMMUrpW3alrkU9pf3re9M68Y
>>> dp3jJDR7GiKvNTB7r8fvpCmkImTC//Q9vrvLYUU4Tl6d++gCxLs2Q1pa+mUqr6f8
>>> fgSwRTNdzzsUV0eLv2+Ugpki823Hl2zgwuv6XM/rD1/B+B9Yk7j+tkstrzsQYVZ1
>>> TQIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMS52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEACASjUqP+m3+AFB3Ll53kgxpaASFCLbd29Z1X59gR
>>> 3fgAUyNL8fLEgKwrBC30b5JDpgMXHSJffx0UvZyVUYEJRPvXlfGdkfIfux+afgWr
>>> raXn7PqW5UK4k4wc/iXv19vB1jXEUKNzHMDn5m08g8PAiuhLslInRPO/zUKafVTw
>>> PN2je9okqA0opoLpuQbZfkXVmrPag1z1tRaHQ4Es0qm6s0hg9N/Cac++wncO3DzG
>>> ZgzkbTbDmt2/OQ0na0goKJxEQanClzq20+oOrP0joIKDJZi4C89duukF1PXIGYLG
>>> FVqc0amgbylgiJfZ5aspHG7wydjEToBQmRvqPAZTABZnxA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :03F1C7694784FFDE1F72888DD69F6319
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Reston
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl1.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C312E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEB6ADAgECAhAD8cdpR4T/3h9yiI3Wn2MZMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
>
ClREUy1SZXN0b24xGTAXBgNVBAMUEHNzbDEudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
>
A4IBDwAwggEKAoIBAQCeZUqDOyy1RpARbwBvRvHE/c1c9QjMarykXaWuIEAyVg9Uj5j+xS9nFCTk
>>>
>
FhzFFAjdTH4DQTM3gRtgHeJv26m67U5HJiMmSwYC4zNnPii+QpzrgUJsf9x4EaN3pQ6NgRvGufKx
>>>
>
fec168/VE5RblhOGsyou7KgF4rVi9YJR6J5d7YD3KwBsXYnZU1om+0yQwxSulbdqWuRT2l/et70z
>>>
>
rxh2neMkNHsaIq81MHuvx++kKaQiZML/9D2+u8thRThOXp376ALEuzZDWlr6ZSqvp/x+BLBFM13P
>>>
>
OxRXR4u/b5SCmSLzbceXbODC6/pcz+sPX8H4H1iTuP62Sy2vOxBhVnVNAgMBAAGjggFlMIIBYTAJ
>>>
>
BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
>
eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
>
HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
>
BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
>
hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
>
LmNydDAbBgNVHREEFDASghBzc2wxLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> --------------------------------------------
>>>
>>> ssl1.vitalps.net (based on https://crt.sh/?id=4858607)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQaekgbaF9jW5PDVLXvSSXqDANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtRGFsbGFzMRkwFwYDVQQDFBBzc2wxLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD1KH2N5/9LQCnShT3mK
>>> Z39xXfZpmYZi8RdhG/MKqDxyZKrplObaYdDQrmOLefa0wPSJYcQQY4/cSJdwBqOr
>>> 1sIRQjYl92EQXGPJOSDh7Le4huxtVVXHwpKxpHe4QtVWQ9mmSiuScsofrMq2UhX2
>>> RhdDRJISrbGSUsUWkCF/23GRslgTcfCTeK4682Rc9csjAkL8ICxiKarjQ2W2iygJ
>>> 8EyfJnJB38AwXhA2F8IVtkXAkKhj90PH5kImlODqF2VSHSSSpgunEpngX3eld0yk
>>> Z0BjhYqdnKozWc1FPWursDqKABOHOUcvW4KDdF8aIe+FNoEpbOibLEJ15539DKCQ
>>> xQIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMS52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAKhkEu8si6mFNJrQFsX3XE/TiA6xt23N9A/ZwaZHY
>>> JyTemPmzLYPb189Y2RusZcM/kpyzewJtaBZTEiBMcA/nfiqB2kWGNxZf4MBe6zxO
>>> 2+ua3XP/6Ab5DugSGYrIu8uoEZUIW9TnNIhlfzoVHgmC/6PfgBIGYsXKVqRv3rbd
>>> 1EmcmRMSLIZjoXUK3I1UkWIGJSFuDzp4mYR77uw0udTDNqBr6WmKucJ+Sl/BQqjt
>>> A9urWU+ajhqWqJVR1q0/saKQey4/TpfTNzdWSYXcgE4A0zYf/wNB5HnYIkgzOUiY
>>> Ii4HSFH/CTyOqrDLIugM9acjZT/A0YS8ZwMQxZ1N3tfr7Q==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :0EB922276261F1D9C7843749E32235B7
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Dallas
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl1.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C312E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEB6ADAgECAhAOuSInYmHx2ceEN0njIjW3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
>
ClREUy1EYWxsYXMxGTAXBgNVBAMUEHNzbDEudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
>
A4IBDwAwggEKAoIBAQC0PUofY3n/0tAKdKFPeYpnf3Fd9mmZhmLxF2Eb8wqoPHJkqumU5tph0NCu
>>>
>
Y4t59rTA9IlhxBBjj9xIl3AGo6vWwhFCNiX3YRBcY8k5IOHst7iG7G1VVcfCkrGkd7hC1VZD2aZK
>>>
>
K5Jyyh+syrZSFfZGF0NEkhKtsZJSxRaQIX/bcZGyWBNx8JN4rjrzZFz1yyMCQvwgLGIpquNDZbaL
>>>
>
KAnwTJ8mckHfwDBeEDYXwhW2RcCQqGP3Q8fmQiaU4OoXZVIdJJKmC6cSmeBfd6V3TKRnQGOFip2c
>>>
>
qjNZzUU9a6uwOooAE4c5Ry9bgoN0Xxoh74U2gSls6JssQnXnnf0MoJDFAgMBAAGjggFlMIIBYTAJ
>>>
>
BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
>
eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
>
HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
>
BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
>
hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
>
LmNydDAbBgNVHREEFDASghBzc2wxLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> ----------------------------------------------
>>>
>>> ssl3.vitalps.net (based on https://crt.sh/?id=24732908)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQZ+KRKfjS6C/HFeLNU6FfljANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE1MDgwNDAwMDAwMFoXDTE2MDgwMzIzNTk1OVowdTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRcwFQYDVQQLFA5URFMtUE1OX0RhbGxhczEZMBcGA1UEAxQQc3NsMy52aXRhbHBz
>>> Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjTwLC8aVNGKOve
>>> eaa3TjQRO2CeYlkLAn5Ayk+L4EO+CR+2x9+1Vc8tJ+13/+oP+vA+hNtMnvZ3FREs
>>> tA2x1u89v3OWj88E0HUtmA8aPYUpTYeFJVf3j0AUE9KZ02IiXzPyLimJst2wgF4m
>>> /TtmN3BPczcAnWX+6UN7ygpc/AFodgAJs82tZsm9rRSrgqNe3z5ZOFPDa2Tj+QPU
>>> fKEw3mORc0dwgIdKbdCRNrs7UkymV54a1A3p55j99CD+Byid7Lc9PzJe1XscJlfJ
>>> 5gtXcKWRyhRY7e9W5QQ+s4yVDZxvnoAcoAo0yldaSMDrEktPNg7Ydslg0XQYMA+W
>>> w2uexxMCAwEAAaOCAXAwggFsMBsGA1UdEQQUMBKCEHNzbDMudml0YWxwcy5uZXQw
>>> CQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwKAYDVR0lBCEwHwYIKwYBBQUHAwEG
>>> CCsGAQUFBwMCBglghkgBhvhCBAEwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAKuvE4RJZc0cjPjkVRbhQWTYYrKjJ/1BYxmNszNTM
>>> P+3rUb3I2k4+UoczYjf/F/qaK9AL5TSopVcn2ds5EnFoKJtpvF/gF6PK1OUM4ViX
>>> jOPQFvycZ+mR8JXcvZJVFZVNZ+RahkPKJShIzryj2ktvci/yX8K2asNCE4BjVDAs
>>> 1p5mTz4RcjofgCxDy0KYd/d/rGfbA1fNli8nL92UuuzzU+EqrQM3im3iAqlNZSDO
>>> XjXxTEqnkrylTnMmzf4aIgz8OxUEvsZmkq5UXySd778kt5oJ3I7URe6NhDJjBCR4
>>> VgFSirUTR0Y7lAkNDZ8x+2S7S0SoR6mi9BtxhWP+EFbVWw==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1035 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :426F395EE8DCEF5C9123F0FDA116B040
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 117 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 23 cons: SET
>>> 334:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 14 prim: T61STRING :TDS-PMN_Dallas
>>> 357:d=2 hl=2 l= 25 cons: SET
>>> 359:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 361:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 366:d=4 hl=2 l= 16 prim: T61STRING :ssl3.vitalps.net
>>> 384:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 388:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 390:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 401:d=3 hl=2 l= 0 prim: NULL
>>> 403:d=2 hl=4 l= 271 prim: BIT STRING
>>> 678:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 682:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 686:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 688:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 693:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 697:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 699:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 704:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 796:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 798:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 803:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 841:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 843:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 848:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 872:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 874:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 879:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 882:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 888:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 890:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 900:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 977:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 979:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 984:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C332E766974616C70732E6E6574
>>> 1006:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1008:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1013:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEC6ADAgECAhBCbzle6NzvXJEj8P2hFrBAMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjB1MQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxFzAVBgNVBAsU
>>>
>
DlREUy1QTU5fRGFsbGFzMRkwFwYDVQQDFBBzc2wzLnZpdGFscHMubmV0MIIBIjANBgkqhkiG9w0B
>>>
>
AQEFAAOCAQ8AMIIBCgKCAQEAuNPAsLxpU0Yo6955prdONBE7YJ5iWQsCfkDKT4vgQ74JH7bH37VV
>>>
>
zy0n7Xf/6g/68D6E20ye9ncVESy0DbHW7z2/c5aPzwTQdS2YDxo9hSlNh4UlV/ePQBQT0pnTYiJf
>>>
>
M/IuKYmy3bCAXib9O2Y3cE9zNwCdZf7pQ3vKClz8AWh2AAmzza1myb2tFKuCo17fPlk4U8NrZOP5
>>>
>
A9R8oTDeY5FzR3CAh0pt0JE2uztSTKZXnhrUDennmP30IP4HKJ3stz0/Ml7VexwmV8nmC1dwpZHK
>>>
>
FFjt71blBD6zjJUNnG+egBygCjTKV1pIwOsSS082Dth2yWDRdBgwD5bDa57HEwIDAQABo4IBZTCC
>>>
>
AWEwCQYDVR0TBAIwADBhBgNVHSAEWjBYMFYGBmeBDAECAjBMMCMGCCsGAQUFBwIBFhdodHRwczov
>>>
>
L2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAr
>>>
>
BgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNybDAdBgNVHSUEFjAUBggr
>>>
>
BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMFcGCCsGAQUFBwEBBEswSTAfBggrBgEF
>>>
>
BQcwAYYTaHR0cDovL3NlLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NlLnN5bWNiLmNv
>>>
>
bS9zZS5jcnQwGwYDVR0RBBQwEoIQc3NsMy52aXRhbHBzLm5ldDAfBgNVHSMEGDAWgBTXm3zYIqAV
>>> 992tX84pm1jDvEYAtQ==
>>>
>>>
>>> -------------------------------------------
>>>
>>> ssl2.vitalps.net (based on a cert not logged in crt.sh)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQFW3Uf33gwGxNETp8o3IHkzANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtUmVzdG9uMRkwFwYDVQQDFBBzc2wyLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7SWO9dIJIhhj27rPAFf
>>> DFQNzCB9op6vy8kw566fo7hwRRA3qqTts6tsjsw7qLzblX2wu4vSNkpmCUqbxKge
>>> KUGWdxzth7KctXn1MlKA15uSMxkXjlKe7d25MoImWLcZA/sXVGReATzpR0kaXujy
>>> 7k2prk5hOZY/PaIc6270PuFh6gukXiaDf7eAIvijS40V4xll52L0WhpjIMaDXnTo
>>> WkDbGXH6YqT/IritvAGM2IRZPWrhE2YrvDlwVoXnkxPGlT9is5kDkBJ02OZYTd7/
>>> BuRZO9GR1tQY8esd2KQw5KQlFIaW5wXaNTXRlJ3R+13oAzsrq51kPVeUbhzkJ5Ce
>>> 6QIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMi52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAVwlUXrDLP2LKmX8PmscxPv1k8pzUmOB2XRegkWLj
>>> D1Bsc1U/FbuVWlgkg8aIeqm1yqwnX/b/67Jlop1kOxGcTXgl9TA5uQSYRSWqejFO
>>> 1CsM56ScFHFuW76EhXHUX36tqRF+MSPcMRr8lWA1DJQeNKmdjfPYvwUggnkH5/rm
>>> yRZk0OSRhpQTrCuYTq1xFuS+tyKiYnq6ocaQwDfbD+nvvzVf8x8qvPFt61HMzUzP
>>> ydVKbv2QwAQBjy0dUxEkJ6O8hnK1hU8F3qc4wRu+Ge1ofSdfssyWjYLFI66IRBTD
>>> 2XmvyE9c680wPZv90uHz9eWBR7yGF1hP0V8fXsM4ldJksA==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :7CD54ACFA6E1738BA8449A38CA09BE1E
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Reston
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl2.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C322E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEB6ADAgECAhB81UrPpuFzi6hEmjjKCb4eMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
>
ClREUy1SZXN0b24xGTAXBgNVBAMUEHNzbDIudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
>
A4IBDwAwggEKAoIBAQCztJY710gkiGGPbus8AV8MVA3MIH2inq/LyTDnrp+juHBFEDeqpO2zq2yO
>>>
>
zDuovNuVfbC7i9I2SmYJSpvEqB4pQZZ3HO2Hspy1efUyUoDXm5IzGReOUp7t3bkygiZYtxkD+xdU
>>>
>
ZF4BPOlHSRpe6PLuTamuTmE5lj89ohzrbvQ+4WHqC6ReJoN/t4Ai+KNLjRXjGWXnYvRaGmMgxoNe
>>>
>
dOhaQNsZcfpipP8iuK28AYzYhFk9auETZiu8OXBWheeTE8aVP2KzmQOQEnTY5lhN3v8G5Fk70ZHW
>>>
>
1Bjx6x3YpDDkpCUUhpbnBdo1NdGUndH7XegDOyurnWQ9V5RuHOQnkJ7pAgMBAAGjggFlMIIBYTAJ
>>>
>
BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
>
eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
>
HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
>
BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
>
hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
>
LmNydDAbBgNVHREEFDASghBzc2wyLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> ---------------------------------------------
>>>
>>> ssl2.vitalps.net (based https://crt.sh/?id=24732905)
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIFLjCCBBagAwIBAgIQC2txgNGyPR3F31kjsev70TANBgkqhkiG9w0BAQUFADCB
>>> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
>>> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
>>> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
>>> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
>>> DTE0MDcxMTAwMDAwMFoXDTE2MDgzMDIzNTk1OVowcTELMAkGA1UEBhMCVVMxEDAO
>>> BgNVBAgTB0dlb3JnaWExETAPBgNVBAcUCENvbHVtYnVzMQ0wCwYDVQQKFARUU1lT
>>> MRMwEQYDVQQLFApURFMtRGFsbGFzMRkwFwYDVQQDFBBzc2wyLnZpdGFscHMubmV0
>>> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7h6ItxaeRllDNDzqJSD
>>> 6YxRZ/IQjGMAJGSq3vIwo8rof17S2PdtMFZpHA4G0ueZJm0cVcNKprJ1M5ykwzVo
>>> fc+i1z3DjmlxSK4HjL9B6vDuUQGLgasYrvR3pAosKGkucQQW0/mFWpOKwrpXfYss
>>> zAIgLc0bU1QJHKF14re6FRo1sX4JxU0xlaK/+Q0kdUQVPYdG4A57Uvz7C1/u9/Jt
>>> vP+1OKxn0fEwclZa9Hug4yi9llLjEHNHs0sPc2g/2nFmBOSpzUutnr8oqomgM0Of
>>> UhgFmPbsRZ0jzYxR0HZ7RQ+Eg3UJcDwQqmp14iw2dWAJKbmVsdOy8FT6TGOk9Paz
>>> HQIDAQABo4IBdDCCAXAwGwYDVR0RBBQwEoIQc3NsMi52aXRhbHBzLm5ldDAJBgNV
>>> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYB
>>> BQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggr
>>> BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
>>> aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAU15t82CKgFffdrV/O
>>> KZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NlLnN5bWNiLmNvbS9z
>>> ZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uuc3lt
>>> Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydDAN
>>> BgkqhkiG9w0BAQUFAAOCAQEAZGQ7qWXzrHZbrnJBbcy8vtTxfz6ScUpmdhNsHtqA
>>> zibYmUerfme6vcfI+a3RntUdeh2bP/g28hWsJeUOBWOH2jewa9SvFDWeA+an2ICO
>>> qK1aFEM2zbJxRoSmFYNwogISVhNWs895zGyQEGcfSHhh8R+PTZdu1AoSgZ33RKc/
>>> mhnVyr1aLdymLzQ+hz4D5j2qVyO3JqJjrqiQKxFKsp/AOVU/UCeWjSumcd2Ff6fw
>>> VL6TvBa+QGnHFFFzUadkyf8LjGTFxwN65Ft4Rd/EcI+6hrfLn8ivJ+sh616wesB4
>>> OvX9A29d6wJqVPIL9vmD8l+4akKpFZi0rLtb5e6FmpWy1Q==
>>> -----END CERTIFICATE-----
>>>
>>> Parsed TBSCertificate:
>>> 0:d=0 hl=4 l=1031 cons: SEQUENCE
>>> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
>>> 6:d=2 hl=2 l= 1 prim: INTEGER :02
>>> 9:d=1 hl=2 l= 16 prim: INTEGER
>>> :1A7737CFE654ED95E0B42A90DB357BB9
>>> 27:d=1 hl=2 l= 13 cons: SEQUENCE
>>> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
>>> 40:d=2 hl=2 l= 0 prim: NULL
>>> 42:d=1 hl=3 l= 188 cons: SEQUENCE
>>> 45:d=2 hl=2 l= 11 cons: SET
>>> 47:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 58:d=2 hl=2 l= 23 cons: SET
>>> 60:d=3 hl=2 l= 21 cons: SEQUENCE
>>> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
>>> 83:d=2 hl=2 l= 31 cons: SET
>>> 85:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
>>> 116:d=2 hl=2 l= 59 cons: SET
>>> 118:d=3 hl=2 l= 57 cons: SEQUENCE
>>> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
>>> https://www.verisign.com/rpa (c)10
>>> 177:d=2 hl=2 l= 54 cons: SET
>>> 179:d=3 hl=2 l= 52 cons: SEQUENCE
>>> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
>>> International Server CA - G3
>>> 233:d=1 hl=2 l= 30 cons: SEQUENCE
>>> 235:d=2 hl=2 l= 13 prim: UTCTIME :160729000000Z
>>> 250:d=2 hl=2 l= 13 prim: UTCTIME :170210235959Z
>>> 265:d=1 hl=2 l= 113 cons: SEQUENCE
>>> 267:d=2 hl=2 l= 11 cons: SET
>>> 269:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 271:d=4 hl=2 l= 3 prim: OBJECT :countryName
>>> 276:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
>>> 280:d=2 hl=2 l= 16 cons: SET
>>> 282:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 284:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
>>> 289:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
>>> 298:d=2 hl=2 l= 17 cons: SET
>>> 300:d=3 hl=2 l= 15 cons: SEQUENCE
>>> 302:d=4 hl=2 l= 3 prim: OBJECT :localityName
>>> 307:d=4 hl=2 l= 8 prim: T61STRING :Columbus
>>> 317:d=2 hl=2 l= 13 cons: SET
>>> 319:d=3 hl=2 l= 11 cons: SEQUENCE
>>> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
>>> 326:d=4 hl=2 l= 4 prim: T61STRING :TSYS
>>> 332:d=2 hl=2 l= 19 cons: SET
>>> 334:d=3 hl=2 l= 17 cons: SEQUENCE
>>> 336:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
>>> 341:d=4 hl=2 l= 10 prim: T61STRING :TDS-Dallas
>>> 353:d=2 hl=2 l= 25 cons: SET
>>> 355:d=3 hl=2 l= 23 cons: SEQUENCE
>>> 357:d=4 hl=2 l= 3 prim: OBJECT :commonName
>>> 362:d=4 hl=2 l= 16 prim: T61STRING :ssl2.vitalps.net
>>> 380:d=1 hl=4 l= 290 cons: SEQUENCE
>>> 384:d=2 hl=2 l= 13 cons: SEQUENCE
>>> 386:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
>>> 397:d=3 hl=2 l= 0 prim: NULL
>>> 399:d=2 hl=4 l= 271 prim: BIT STRING
>>> 674:d=1 hl=4 l= 357 cons: cont [ 3 ]
>>> 678:d=2 hl=4 l= 353 cons: SEQUENCE
>>> 682:d=3 hl=2 l= 9 cons: SEQUENCE
>>> 684:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
>>> 689:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
>>> 693:d=3 hl=2 l= 97 cons: SEQUENCE
>>> 695:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate
> Policies
>>> 700:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
>>>
>
DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
>>>
>
2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
>>> 2F2F642E73796D63622E636F6D2F727061
>>> 792:d=3 hl=2 l= 43 cons: SEQUENCE
>>> 794:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
>>> Points
>>> 799:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
>>>
>
DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
>>> 6C
>>> 837:d=3 hl=2 l= 29 cons: SEQUENCE
>>> 839:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key
Usage
>>> 844:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
>>> DUMP]:301406082B0601050507030106082B06010505070302
>>> 868:d=3 hl=2 l= 14 cons: SEQUENCE
>>> 870:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
>>> 875:d=4 hl=2 l= 1 prim: BOOLEAN :255
>>> 878:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
>>> 884:d=3 hl=2 l= 87 cons: SEQUENCE
>>> 886:d=4 hl=2 l= 8 prim: OBJECT :Authority Information
> Access
>>> 896:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
>>>
>
DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
>>>
>
302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
>>> 7274
>>> 973:d=3 hl=2 l= 27 cons: SEQUENCE
>>> 975:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject
> Alternative
>>> Name
>>> 980:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
>>> DUMP]:3012821073736C322E766974616C70732E6E6574
>>> 1002:d=3 hl=2 l= 31 cons: SEQUENCE
>>> 1004:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
>>> Identifier
>>> 1009:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
>>> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>>>
>>> Base64 TBSCertificate:
>>>
>
MIIEB6ADAgECAhAadzfP5lTtleC0KpDbNXu5MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
>>>
>
UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
>>>
>
cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
>>>
>
IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
>>>
>
IC0gRzMwHhcNMTYwNzI5MDAwMDAwWhcNMTcwMjEwMjM1OTU5WjBxMQswCQYDVQQGEwJVUzEQMA4G
>>>
>
A1UECBMHR2VvcmdpYTERMA8GA1UEBxQIQ29sdW1idXMxDTALBgNVBAoUBFRTWVMxEzARBgNVBAsU
>>>
>
ClREUy1EYWxsYXMxGTAXBgNVBAMUEHNzbDIudml0YWxwcy5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
>>>
>
A4IBDwAwggEKAoIBAQC3uHoi3Fp5GWUM0POolIPpjFFn8hCMYwAkZKre8jCjyuh/XtLY920wVmkc
>>>
>
DgbS55kmbRxVw0qmsnUznKTDNWh9z6LXPcOOaXFIrgeMv0Hq8O5RAYuBqxiu9HekCiwoaS5xBBbT
>>>
>
+YVak4rCuld9iyzMAiAtzRtTVAkcoXXit7oVGjWxfgnFTTGVor/5DSR1RBU9h0bgDntS/PsLX+73
>>>
>
8m28/7U4rGfR8TByVlr0e6DjKL2WUuMQc0ezSw9zaD/acWYE5KnNS62evyiqiaAzQ59SGAWY9uxF
>>>
>
nSPNjFHQdntFD4SDdQlwPBCqanXiLDZ1YAkpuZWx07LwVPpMY6T09rMdAgMBAAGjggFlMIIBYTAJ
>>>
>
BgNVHRMEAjAAMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
>>>
>
eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCsGA1Ud
>>>
>
HwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMB0GA1UdJQQWMBQGCCsGAQUF
>>>
>
BwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
>>>
>
hhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3Nl
>>>
>
LmNydDAbBgNVHREEFDASghBzc2wyLnZpdGFscHMubmV0MB8GA1UdIwQYMBaAFNebfNgioBX33a1f
>>> zimbWMO8RgC1
>>>
>>>
>>> -----Original Message-----
>>> From: public-bounces at cabforum.org
>>> Sent: Friday, July 15, 2016 7:48 PM
>>>
>>> Subject: [cabfpub] Application for SHA-1 Issuance
>>>
>>> Enclosed please find the application for SHA-1 issuance presented on
> behalf
>>> of our client. Note that the application was fully completed by the
> client.
>>>
>>> In addition, please find the TBS certificates generated by Symantec.
>>>
>>> Accompanying each TBSCertificate is a crt.sh link to the corresponding
> SHA-2
>>> certificate issued by our online system as a prerequisite, so that we
>>> capture evidence of authentication and verification of the information
in
>>> the certificate. The TBSCertificates differ from these certificates by
>>> Issuer name, because our online systems can sign only with SHA-2
issuers.
>>> And since the Issuer name is different, corresponding extensions (CDP,
> AIA,
>>> AKI) are different as well.
>>>
>>> The TBSCertificates do not include public keys from older CT-logged
>>> certificates; they include public keys that correspond to private keys
> that
>>> were recently generated on the servers and that await the approval of
> these
>>> requests. The customer uses a CDN that uses OpenSSL to generate key
pairs
>>> from a secure server. A separate secure server is used for private key
>>> pass-phrase retention.
>>>
>>> As this is the first time this is being done, there may be follow-up
>>> questions or items that were inadvertently omitted which we are happy to
>>> address.
>>>
>>> We ask that the community give good consideration to this request.
>>>
>>> One thing you will notice is the validity date extends to Feb 10, 2017.
> In
>>> the payment industry, 31 December is an absolutely horrible time to make
> a
>>> change as it represents one of the peak times for traffic. The client
has
>>> aligned the date with the published Microsoft end date for SHA-1.
>>>
>>> Thank you,
>>>
>>> Dean Coclin
>>> Symantec
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5723 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160725/b55f777d/attachment-0001.p7s>
More information about the Public
mailing list