[cabfpub] SHA-1 exception request-REVISED TBS CERTS
Curt Spann
cspann at apple.com
Thu Oct 20 10:45:30 MST 2016
Apple approves this SHA-1 exception request.
Curt
> On Oct 19, 2016, at 2:23 PM, Dean Coclin via Public <public at cabforum.org> wrote:
>
> Below please find the modified TBS certs which reflect the revised expiration date. This was the only change made.
>
> We request an expedited review for the reasons outlined in my prior note. Thank you!
>
> To reconstitute the TBSCertificate in binary DER form, use the Linux
> command:
> base64 --decode > tbs.der
> Then paste in a block of text from below, followed by an EOF (control-D).
>
> ----------------------------------------
>
> efsnet.concordebiz.com <http://efsnet.concordebiz.com/> (based on
> https://crt.sh/?sha256=A6D37F8B062725E722FE2C5EC01C6E740C407D88FD09BAC6797E7 <https://crt.sh/?sha256=A6D37F8B062725E722FE2C5EC01C6E740C407D88FD09BAC6797E7>
> E9FFA11D534, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFRzCCBC+gAwIBAgIQcKVZiDz4oTfeDd+D7mgNajANBgkqhkiG9w0BAQUFADCB
> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
> DTE0MTAyNzAwMDAwMFoXDTE2MTAyNzIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAw
> DgYDVQQIEwdHZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJz
> dCBEYXRhIENvcnBvcmF0aW9uMQ4wDAYDVQQLFAVOV0lDUzEfMB0GA1UEAxQWZWZz
> bmV0LmNvbmNvcmRlYml6LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
> ggEBAPopX3/CP3tpiAKQBApPqe+lzmYpDbnQaLYyC7MArS3K/S1BwbsSMyw5BsV3
> tsPohsXdDWT19GUvJZSCUjF4RiG7evB74AtzQedL/K8uluG/BAB8l+hceNgQSjyb
> JYhpr/F+qFPLYpfIcwJgoQ6Mt7gCWU4qwsUgBBT/OndbCw8vW9hctqzak5Qtz4Z+
> YJVEbIOE4L7MUYM7t96A1Bge7H7cygmlCZmGCIhMPGuVGwPDJOHcTzg6+6SpyLRB
> /wpCZj3pMDdkXsZTMu1JF/UT0hRS0Pj4mjhEF7/+FWZr/LnaubulLclnWuR62lPl
> ZBfKl9FVojPq/hh9GhttzdYq0PMCAwEAAaOCAXowggF2MCEGA1UdEQQaMBiCFmVm
> c25ldC5jb25jb3JkZWJpei5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAw
> KAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEwZQYDVR0g
> BF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1j
> Yi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
> MB8GA1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1MCsGA1UdHwQkMCIwIKAe
> oByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMFcGCCsGAQUFBwEBBEswSTAf
> BggrBgEFBQcwAYYTaHR0cDovL3NlLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0
> cDovL3NlLnN5bWNiLmNvbS9zZS5jcnQwDQYJKoZIhvcNAQEFBQADggEBAA0KIMJG
> eMtxtiDtAS9F6UZNhB5Lk97ZbK/QEuOsDeUdjbHqh2NbKtbWs0CEJI0wlVU9zkuI
> C0IOId0FnURdPz8WOvjwB1pZotniPVWZQ3lBbB+OrlO1WQzhMm26fOTz1o16Ohuu
> 5GNgjrBdy98fEW8Iklo2NZY8/PO6Hgy6NcfX0RfewbEN76yfc6ybl8OFh8rWsnFL
> JLLYnbe4etP4ZSu2e3lhNApQsNMINbP9/+A7qfYhJB3MrXsHUDfj22TC7NkFVU6O
> KbE09qqa50iUdNR/O+a76efWzx0F27nuxy1EBBDRyObtdnf2IFvJISH1PdLWNnmH
> aZRn54CARahmCqs=
> -----END CERTIFICATE-----
>
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1071 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :27438863D2DEF739D263E0D0F4C607E3
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa <https://www.verisign.com/rpa> (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :161231235959Z
> 265:d=1 hl=3 l= 131 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 16 cons: SET
> 301:d=3 hl=2 l= 14 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 317:d=2 hl=2 l= 31 cons: SET
> 319:d=3 hl=2 l= 29 cons: SEQUENCE
> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 326:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 350:d=2 hl=2 l= 14 cons: SET
> 352:d=3 hl=2 l= 12 cons: SEQUENCE
> 354:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 359:d=4 hl=2 l= 5 prim: T61STRING :NWICS
> 366:d=2 hl=2 l= 31 cons: SET
> 368:d=3 hl=2 l= 29 cons: SEQUENCE
> 370:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 375:d=4 hl=2 l= 22 prim: T61STRING :efsnet.concordebiz.com <http://efsnet.concordebiz.com/>
> 399:d=1 hl=4 l= 290 cons: SEQUENCE
> 403:d=2 hl=2 l= 13 cons: SEQUENCE
> 405:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 416:d=3 hl=2 l= 0 prim: NULL
> 418:d=2 hl=4 l= 271 prim: BIT STRING
> 693:d=1 hl=4 l= 378 cons: cont [ 3 ]
> 697:d=2 hl=4 l= 374 cons: SEQUENCE
> 701:d=3 hl=2 l= 33 cons: SEQUENCE
> 703:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 708:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
> DUMP]:301882166566736E65742E636F6E636F72646562697A2E636F6D
> 736:d=3 hl=2 l= 9 cons: SEQUENCE
> 738:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 743:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 747:d=3 hl=2 l= 14 cons: SEQUENCE
> 749:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 754:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 757:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 763:d=3 hl=2 l= 40 cons: SEQUENCE
> 765:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 770:d=4 hl=2 l= 33 prim: OCTET STRING [HEX
> DUMP]:301F06082B0601050507030106082B0601050507030206096086480186F8420401
> 805:d=3 hl=2 l= 101 cons: SEQUENCE
> 807:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 812:d=4 hl=2 l= 94 prim: OCTET STRING [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
> 908:d=3 hl=2 l= 31 cons: SEQUENCE
> 910:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 915:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
> 941:d=3 hl=2 l= 43 cons: SEQUENCE
> 943:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 948:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 986:d=3 hl=2 l= 87 cons: SEQUENCE
> 988:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 998:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
>
>
> Base64 TBSCertificate:
> MIIEL6ADAgECAhAnQ4hj0t73OdJj4ND0xgfjMA0GCSqGSIb3DQEBBQUAMIG8MQsw
> CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
> cmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBo
> dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJp
> U2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzMwHhcNMTYx
> MDE0MDAwMDAwWhcNMTYxMjMxMjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxEDAOBgNV
> BAgTB0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERh
> dGEgQ29ycG9yYXRpb24xDjAMBgNVBAsUBU5XSUNTMR8wHQYDVQQDFBZlZnNuZXQu
> Y29uY29yZGViaXouY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
> +ilff8I/e2mIApAECk+p76XOZikNudBotjILswCtLcr9LUHBuxIzLDkGxXe2w+iG
> xd0NZPX0ZS8llIJSMXhGIbt68HvgC3NB50v8ry6W4b8EAHyX6Fx42BBKPJsliGmv
> 8X6oU8til8hzAmChDoy3uAJZTirCxSAEFP86d1sLDy9b2Fy2rNqTlC3Phn5glURs
> g4TgvsxRgzu33oDUGB7sftzKCaUJmYYIiEw8a5UbA8Mk4dxPODr7pKnItEH/CkJm
> PekwN2RexlMy7UkX9RPSFFLQ+PiaOEQXv/4VZmv8udq5u6UtyWda5HraU+VkF8qX
> 0VWiM+r+GH0aG23N1irQ8wIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWZWZzbmV0
> LmNvbmNvcmRlYml6LmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNV
> HSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATBlBgNVHSAEXjBc
> MFoGCmCGSAGG+EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNv
> bS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYD
> VR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYa
> aHR0cDovL3NlLnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsG
> AQUFBzABhhNodHRwOi8vc2Uuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8v
> c2Uuc3ltY2IuY29tL3NlLmNydA==
>
>
> -----------------------------------
>
> prod.dw.us.fdcnet.biz <http://prod.dw.us.fdcnet.biz/> (based on
> https://crt.sh/?sha256=1B7004DBDDF8F649948304CEA18B3919A668AEDB7B1BC45BAC8E9 <https://crt.sh/?sha256=1B7004DBDDF8F649948304CEA18B3919A668AEDB7B1BC45BAC8E9>
> 0CD59913C4F, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFRTCCBC2gAwIBAgIQA9N1TT3RQCYREke2ZUyiMDANBgkqhkiG9w0BAQUFADCB
> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
> DTE0MTAyNzAwMDAwMFoXDTE2MTAyNzIzNTk1OVowgYIxCzAJBgNVBAYTAlVTMRAw
> DgYDVQQIEwdHZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJz
> dCBEYXRhIENvcnBvcmF0aW9uMQ4wDAYDVQQLFAVOV0lDUzEeMBwGA1UEAxQVcHJv
> ZC5kdy51cy5mZGNuZXQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
> AQEA1kCMHpW82GAzU7/GaW1kThk+rvEkvU+jNc97f1SdaAgeTPr1P9Ktoec6qlun
> rHhWD8oc6ipgr5CzIu8XNSF/fOYVDcgN8GOop7HrNtggbf+THn/VkiX4DTLW5eCH
> hDKaegMrM2uMBquKHWPY/bk9vAPPCG4TUe6p06zICtmAfp3wDK+XcZrsFlWgtGEs
> ZZsEYeuvOvwG7tuORCNDKJhgRWM9Ga597tuHA5I3pRBPWJnkHamN5TNf5js3uAT9
> Sv8l2ZSjbeFZVzTse7JfjOWAu2jbAFq5oUPrOAQsjo5G81gueilr+nhrFqVxIFK9
> FJihSAoSTQoZvGi2XFNET8yRVwIDAQABo4IBeTCCAXUwIAYDVR0RBBkwF4IVcHJv
> ZC5kdy51cy5mZGNuZXQuYml6MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCgG
> A1UdJQQhMB8GCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBMGUGA1UdIARe
> MFwwWgYKYIZIAYb4RQEHNjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2Iu
> Y29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAf
> BgNVHSMEGDAWgBTXm3zYIqAV992tX84pm1jDvEYAtTArBgNVHR8EJDAiMCCgHqAc
> hhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNybDBXBggrBgEFBQcBAQRLMEkwHwYI
> KwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6
> Ly9zZS5zeW1jYi5jb20vc2UuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQAyFdPtk7kZ
> Q2MuQvVEYn+gTDcEuDAbuYrkWYQrBPxM12rPY2iavAK3coOCdyybxT0FZoguwbqt
> uyhPj62dUnUJrGJTrIIsoSggGLqps210mx3WF9/W4mFPfqY7mw0wCc2nDqtTJQkD
> y9J5cibHRJuqynqFmN3jOjQxyL5uc2YJbbzcdWX0JBV+Q01enplXKZ2Szxll8vn+
> /4TuIhYvaIj4NlutNrCgtPULe6TAeacMcMWJeMRgiaBBLdNWtf2POJ0k9yw7adx0
> cGIS4o7oaBeOdpk58581Fzn7CA4Hnj5RBd9M7zKEWeAkShHCzOEqTO5Tvs+lZUy2
> 80Z+cwAY5cWv
> -----END CERTIFICATE-----
>
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1069 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :20C24DFC0453E8B189F4A1E937299C84
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa <https://www.verisign.com/rpa> (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :161231235959Z
> 265:d=1 hl=3 l= 130 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 16 cons: SET
> 301:d=3 hl=2 l= 14 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 317:d=2 hl=2 l= 31 cons: SET
> 319:d=3 hl=2 l= 29 cons: SEQUENCE
> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 326:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 350:d=2 hl=2 l= 14 cons: SET
> 352:d=3 hl=2 l= 12 cons: SEQUENCE
> 354:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 359:d=4 hl=2 l= 5 prim: T61STRING :NWICS
> 366:d=2 hl=2 l= 30 cons: SET
> 368:d=3 hl=2 l= 28 cons: SEQUENCE
> 370:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 375:d=4 hl=2 l= 21 prim: T61STRING :prod.dw.us.fdcnet.biz <http://prod.dw.us.fdcnet.biz/>
> 398:d=1 hl=4 l= 290 cons: SEQUENCE
> 402:d=2 hl=2 l= 13 cons: SEQUENCE
> 404:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 415:d=3 hl=2 l= 0 prim: NULL
> 417:d=2 hl=4 l= 271 prim: BIT STRING
> 692:d=1 hl=4 l= 377 cons: cont [ 3 ]
> 696:d=2 hl=4 l= 373 cons: SEQUENCE
> 700:d=3 hl=2 l= 32 cons: SEQUENCE
> 702:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 707:d=4 hl=2 l= 25 prim: OCTET STRING [HEX
> DUMP]:3017821570726F642E64772E75732E6664636E65742E62697A
> 734:d=3 hl=2 l= 9 cons: SEQUENCE
> 736:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 741:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 745:d=3 hl=2 l= 14 cons: SEQUENCE
> 747:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 752:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 755:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 761:d=3 hl=2 l= 40 cons: SEQUENCE
> 763:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 768:d=4 hl=2 l= 33 prim: OCTET STRING [HEX
> DUMP]:301F06082B0601050507030106082B0601050507030206096086480186F8420401
> 803:d=3 hl=2 l= 101 cons: SEQUENCE
> 805:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 810:d=4 hl=2 l= 94 prim: OCTET STRING [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
> 906:d=3 hl=2 l= 31 cons: SEQUENCE
> 908:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 913:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
> 939:d=3 hl=2 l= 43 cons: SEQUENCE
> 941:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 946:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 984:d=3 hl=2 l= 87 cons: SEQUENCE
> 986:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 996:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
>
>
> Base64 TBSCertificate:
> MIIELaADAgECAhAgwk38BFPosYn0oek3KZyEMA0GCSqGSIb3DQEBBQUAMIG8MQsw
> CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
> cmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBo
> dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJp
> U2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzMwHhcNMTYx
> MDE0MDAwMDAwWhcNMTYxMjMxMjM1OTU5WjCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
> BAgTB0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERh
> dGEgQ29ycG9yYXRpb24xDjAMBgNVBAsUBU5XSUNTMR4wHAYDVQQDFBVwcm9kLmR3
> LnVzLmZkY25ldC5iaXowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW
> QIwelbzYYDNTv8ZpbWROGT6u8SS9T6M1z3t/VJ1oCB5M+vU/0q2h5zqqW6eseFYP
> yhzqKmCvkLMi7xc1IX985hUNyA3wY6inses22CBt/5Mef9WSJfgNMtbl4IeEMpp6
> Aysza4wGq4odY9j9uT28A88IbhNR7qnTrMgK2YB+nfAMr5dxmuwWVaC0YSxlmwRh
> 6686/Abu245EI0MomGBFYz0Zrn3u24cDkjelEE9YmeQdqY3lM1/mOze4BP1K/yXZ
> lKNt4VlXNOx7sl+M5YC7aNsAWrmhQ+s4BCyOjkbzWC56KWv6eGsWpXEgUr0UmKFI
> ChJNChm8aLZcU0RPzJFXAgMBAAGjggF5MIIBdTAgBgNVHREEGTAXghVwcm9kLmR3
> LnVzLmZkY25ldC5iaXowCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwKAYDVR0l
> BCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEwZQYDVR0gBF4wXDBa
> BgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20v
> Y3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1Ud
> IwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1MCsGA1UdHwQkMCIwIKAeoByGGmh0
> dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEF
> BQcwAYYTaHR0cDovL3NlLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3Nl
> LnN5bWNiLmNvbS9zZS5jcnQ=
>
>
> --------------------------------------------
>
> support.datawire.net <http://support.datawire.net/> (based on
> https://crt.sh/?sha256=4dec1059061a0a30a99bc8410162ec2bfa5f84a03ed1388841569 <https://crt.sh/?sha256=4dec1059061a0a30a99bc8410162ec2bfa5f84a03ed1388841569>
> 4ab182c1fb5, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFNDCCBBygAwIBAgIQIX0er30siBqy4r46XFhn1jANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQxMDI5
> MDAwMDAwWhcNMTYxMDI5MjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
> B0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEg
> Q29ycG9yYXRpb24xETAPBgNVBAsUCERhdGF3aXJlMR0wGwYDVQQDFBRzdXBwb3J0
> LmRhdGF3aXJlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANc4
> +MVG/beelCw0hKtSYx17rM5aHxPmzjcKBMgEOEJjoJ8fNVa+ja18J9SvbFio0r49
> BjlKtCBdBjfghhtD9oimOkDLonVi/Bg+kLKci23xn1kkFFDwkLLadmpYT+Kliq03
> W28cY/ztB+kXFmnsbZ/umpPKA5ffbUKjKLchpMv+d/tZB2WWvQn5JXwVbFayMt5X
> eQpaP5NhGkjHEFlEblDBUXJpsrsj18/IsdICzyg1+GPt7SWwQI0BF/N5L+dYNHJ9
> 7sLHJ6/hj1ecS+q8NjwM1YcsEHoiYFdC22KMMQGfLQi5T9sxeM+FWkerL49tgiii
> eb4xqW2O3gEFy9Z4AV0CAwEAAaOCAW0wggFpMB8GA1UdEQQYMBaCFHN1cHBvcnQu
> ZGF0YXdpcmUubmV0MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
> MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYw
> TDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUH
> AgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNE
> wYJ+HSCrJfQBY9i+eaUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNi
> LmNvbS9zZC5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8v
> c2Quc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3Nk
> LmNydDANBgkqhkiG9w0BAQUFAAOCAQEAZhkiyE6cHiH/TRYN8pKrpxOGSmep6/2R
> WUtjvlGhOnWMWU1Nktk/rJghTGOjKtW/KDqsuucHHquld9N+NUxdcvQY/xjd/MoS
> BPsJjoK1ATwEUlOAmHNcFahrM+bZJYwO1pTdn3dRcnZU/N1v3ioMmcGxqKEcC83P
> wxusfTgJca0X/TvMilT69y/2tw37RhUywYAosOyVJaIWV6t0ckHqRY3fN5wRJUf4
> 3Nw2g6cj5I1381Yh/XCQEehnGY8dsSXmgNOudI+PdwmyqmJLDD31XDDhVpxsxLaF
> 6ffj0ylMV+ocIogA46VeDCkOaNpCjz6G/L0Qv1/gI2IF8ZyMNvoMYA==
> -----END CERTIFICATE-----
>
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1052 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :23754E9A4A58BDD3C160079CB8FBDC58
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 181 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa <https://www.verisign.com/rpa> (c)10
> 177:d=2 hl=2 l= 47 cons: SET
> 179:d=3 hl=2 l= 45 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 38 prim: PRINTABLESTRING :VeriSign Class 3 Secure
> Server CA - G3
> 226:d=1 hl=2 l= 30 cons: SEQUENCE
> 228:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 243:d=2 hl=2 l= 13 prim: UTCTIME :161231235959Z
> 258:d=1 hl=3 l= 132 cons: SEQUENCE
> 261:d=2 hl=2 l= 11 cons: SET
> 263:d=3 hl=2 l= 9 cons: SEQUENCE
> 265:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 270:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 274:d=2 hl=2 l= 16 cons: SET
> 276:d=3 hl=2 l= 14 cons: SEQUENCE
> 278:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 283:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 292:d=2 hl=2 l= 16 cons: SET
> 294:d=3 hl=2 l= 14 cons: SEQUENCE
> 296:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 301:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 310:d=2 hl=2 l= 31 cons: SET
> 312:d=3 hl=2 l= 29 cons: SEQUENCE
> 314:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 319:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 343:d=2 hl=2 l= 17 cons: SET
> 345:d=3 hl=2 l= 15 cons: SEQUENCE
> 347:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 352:d=4 hl=2 l= 8 prim: T61STRING :Datawire
> 362:d=2 hl=2 l= 29 cons: SET
> 364:d=3 hl=2 l= 27 cons: SEQUENCE
> 366:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 371:d=4 hl=2 l= 20 prim: T61STRING :support.datawire.net <http://support.datawire.net/>
> 393:d=1 hl=4 l= 290 cons: SEQUENCE
> 397:d=2 hl=2 l= 13 cons: SEQUENCE
> 399:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 410:d=3 hl=2 l= 0 prim: NULL
> 412:d=2 hl=4 l= 271 prim: BIT STRING
> 687:d=1 hl=4 l= 365 cons: cont [ 3 ]
> 691:d=2 hl=4 l= 361 cons: SEQUENCE
> 695:d=3 hl=2 l= 31 cons: SEQUENCE
> 697:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 702:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168214737570706F72742E64617461776972652E6E6574
> 728:d=3 hl=2 l= 9 cons: SEQUENCE
> 730:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 735:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 739:d=3 hl=2 l= 14 cons: SEQUENCE
> 741:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 746:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 749:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 755:d=3 hl=2 l= 29 cons: SEQUENCE
> 757:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 762:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 786:d=3 hl=2 l= 101 cons: SEQUENCE
> 788:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 793:d=4 hl=2 l= 94 prim: OCTET STRING [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
> 889:d=3 hl=2 l= 31 cons: SEQUENCE
> 891:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 896:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
> 922:d=3 hl=2 l= 43 cons: SEQUENCE
> 924:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 929:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
> 967:d=3 hl=2 l= 87 cons: SEQUENCE
> 969:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 979:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
>
>
> Base64 TBSCertificate:
> MIIEHKADAgECAhAjdU6aSli908FgB5y4+9xYMA0GCSqGSIb3DQEBBQUAMIG1MQsw
> CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
> cmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBo
> dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMS8wLQYDVQQDEyZWZXJp
> U2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAeFw0xNjEwMTQwMDAw
> MDBaFw0xNjEyMzEyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHR2Vv
> cmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBDb3Jw
> b3JhdGlvbjERMA8GA1UECxQIRGF0YXdpcmUxHTAbBgNVBAMUFHN1cHBvcnQuZGF0
> YXdpcmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zj4xUb9
> t56ULDSEq1JjHXuszlofE+bONwoEyAQ4QmOgnx81Vr6NrXwn1K9sWKjSvj0GOUq0
> IF0GN+CGG0P2iKY6QMuidWL8GD6QspyLbfGfWSQUUPCQstp2alhP4qWKrTdbbxxj
> /O0H6RcWaextn+6ak8oDl99tQqMotyGky/53+1kHZZa9CfklfBVsVrIy3ld5Clo/
> k2EaSMcQWURuUMFRcmmyuyPXz8ix0gLPKDX4Y+3tJbBAjQEX83kv51g0cn3uwscn
> r+GPV5xL6rw2PAzVhywQeiJgV0LbYowxAZ8tCLlP2zF4z4VaR6svj22CKKJ5vjGp
> bY7eAQXL1ngBXQIDAQABo4IBbTCCAWkwHwYDVR0RBBgwFoIUc3VwcG9ydC5kYXRh
> d2lyZS5uZXQwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
> KwYBBQUHAwEGCCsGAQUFBwMCMGUGA1UdIAReMFwwWgYKYIZIAYb4RQEHNjBMMCMG
> CCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZ
> GhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQNRFwWU0TBgn4d
> IKsl9AFj2L55pTArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Quc3ltY2IuY29t
> L3NkLmNybDBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZC5z
> eW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3J0
>
>
> ----------------------------------------------
>
> vxn.datawire.net <http://vxn.datawire.net/> (based on
> https://crt.sh/?sha256=BD41104E071B4B8EE67395FC916C333FE05B06737D6E50B4E4673 <https://crt.sh/?sha256=BD41104E071B4B8EE67395FC916C333FE05B06737D6E50B4E4673>
> C3A76CA2110, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFKDCCBBCgAwIBAgIQcU8GvyL+RFnjJEvuiTDsUzANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTUxMTIw
> MDAwMDAwWhcNMTYxMTIwMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
> B0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEg
> Q29ycG9yYXRpb24xETAPBgNVBAsUCERhdGF3aXJlMRkwFwYDVQQDFBB2eG4uZGF0
> YXdpcmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDba7upf
> JEgF7+P2H/KdNsKrsQ7qHv8XAPjOQVoiedCoPmjz2ITA/VZR3+aOxf6GwhMkXSR5
> w6I9MquJHT5Nj4O9WeAkpWLo86SVPSRWqMRWKv1XbOZOSpZCAgn7piUqzjixILWh
> NRJacpJr/sjDS5AmV8t8ckStlsghiAWR8UXMXto8k8G9afZT0BNZKZtMub6fDIbu
> gPifVmm6gK76RnAFVwXGG5NunXTj9MQwp7EYtu0+5x4Ryb5XB5moOnZQE+bCNMlP
> 1umpbgKNzZxeEqLZgRz3TbOBpehuYplb2M6axjd8vQlfsXJqEYgWUlWVH+d3VaUU
> nEr3QkAMtqOhuQIDAQABo4IBZTCCAWEwGwYDVR0RBBQwEoIQdnhuLmRhdGF3aXJl
> Lm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
> BQcDAQYIKwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcC
> ARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6
> Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+
> eaUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcmww
> VwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Quc3ltY2QuY29t
> MCYGCCsGAQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNydDANBgkqhkiG
> 9w0BAQUFAAOCAQEAh8kZ9DvUDx/HMH2D69a6HxRcEf+OOLHrGmrCLS1Trp3UI3ci
> x38ohV4HRfkmV+cg/1mctCSSfOaecre9NJvXYLSbrwWg90tT7fZlkG/VH+50VVmV
> yUPVyUdhAg87E01FcqeW8gV1GRNlZ5S/y9Vi1C9+yIPpzFEUuwxbqZaLbeElvYJg
> ydtjZwLT7UwlERhZLzxAFB4uU9G9Ghi2qgkvKPAFZhdk3MXD79iWi9YUYOUDQA3+
> 6ikPcUMn4KCxJvNSURTBVQuz0qGQw1pp2ON9GIiSxw24ha6L3BbZMJrKRKPTOjy8
> YasYiS4hpUDvlwl5MMlOCuCE8/gnPvju9UHALg==
> -----END CERTIFICATE-----
>
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1040 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :6BFAA1E1CF6B3068033D10AB7AE42DDE
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 181 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa <https://www.verisign.com/rpa> (c)10
> 177:d=2 hl=2 l= 47 cons: SET
> 179:d=3 hl=2 l= 45 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 38 prim: PRINTABLESTRING :VeriSign Class 3 Secure
> Server CA - G3
> 226:d=1 hl=2 l= 30 cons: SEQUENCE
> 228:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 243:d=2 hl=2 l= 13 prim: UTCTIME :161231235959Z
> 258:d=1 hl=3 l= 128 cons: SEQUENCE
> 261:d=2 hl=2 l= 11 cons: SET
> 263:d=3 hl=2 l= 9 cons: SEQUENCE
> 265:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 270:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 274:d=2 hl=2 l= 16 cons: SET
> 276:d=3 hl=2 l= 14 cons: SEQUENCE
> 278:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 283:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 292:d=2 hl=2 l= 16 cons: SET
> 294:d=3 hl=2 l= 14 cons: SEQUENCE
> 296:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 301:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 310:d=2 hl=2 l= 31 cons: SET
> 312:d=3 hl=2 l= 29 cons: SEQUENCE
> 314:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 319:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 343:d=2 hl=2 l= 17 cons: SET
> 345:d=3 hl=2 l= 15 cons: SEQUENCE
> 347:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 352:d=4 hl=2 l= 8 prim: T61STRING :Datawire
> 362:d=2 hl=2 l= 25 cons: SET
> 364:d=3 hl=2 l= 23 cons: SEQUENCE
> 366:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 371:d=4 hl=2 l= 16 prim: T61STRING :vxn.datawire.net <http://vxn.datawire.net/>
> 389:d=1 hl=4 l= 290 cons: SEQUENCE
> 393:d=2 hl=2 l= 13 cons: SEQUENCE
> 395:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 406:d=3 hl=2 l= 0 prim: NULL
> 408:d=2 hl=4 l= 271 prim: BIT STRING
> 683:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 687:d=2 hl=4 l= 353 cons: SEQUENCE
> 691:d=3 hl=2 l= 27 cons: SEQUENCE
> 693:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 698:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821076786E2E64617461776972652E6E6574
> 720:d=3 hl=2 l= 9 cons: SEQUENCE
> 722:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 727:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 731:d=3 hl=2 l= 14 cons: SEQUENCE
> 733:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 738:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 741:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 747:d=3 hl=2 l= 29 cons: SEQUENCE
> 749:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 754:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 778:d=3 hl=2 l= 97 cons: SEQUENCE
> 780:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 785:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 877:d=3 hl=2 l= 31 cons: SEQUENCE
> 879:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 884:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
> 910:d=3 hl=2 l= 43 cons: SEQUENCE
> 912:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 917:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
> 955:d=3 hl=2 l= 87 cons: SEQUENCE
> 957:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 967:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
>
>
> Base64 TBSCertificate:
> MIIEEKADAgECAhBr+qHhz2swaAM9EKt65C3eMA0GCSqGSIb3DQEBBQUAMIG1MQsw
> CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
> cmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBo
> dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMS8wLQYDVQQDEyZWZXJp
> U2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAeFw0xNjEwMTQwMDAw
> MDBaFw0xNjEyMzEyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHR2Vv
> cmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBDb3Jw
> b3JhdGlvbjERMA8GA1UECxQIRGF0YXdpcmUxGTAXBgNVBAMUEHZ4bi5kYXRhd2ly
> ZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNtru6l8kSAXv
> 4/Yf8p02wquxDuoe/xcA+M5BWiJ50Kg+aPPYhMD9VlHf5o7F/obCEyRdJHnDoj0y
> q4kdPk2Pg71Z4CSlYujzpJU9JFaoxFYq/Vds5k5KlkICCfumJSrOOLEgtaE1Elpy
> kmv+yMNLkCZXy3xyRK2WyCGIBZHxRcxe2jyTwb1p9lPQE1kpm0y5vp8Mhu6A+J9W
> abqArvpGcAVXBcYbk26ddOP0xDCnsRi27T7nHhHJvlcHmag6dlAT5sI0yU/W6alu
> Ao3NnF4SotmBHPdNs4Gl6G5imVvYzprGN3y9CV+xcmoRiBZSVZUf53dVpRScSvdC
> QAy2o6G5AgMBAAGjggFlMIIBYTAbBgNVHREEFDASghB2eG4uZGF0YXdpcmUubmV0
> MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
> BggrBgEFBQcDAjBhBgNVHSAEWjBYMFYGBmeBDAECAjBMMCMGCCsGAQUFBwIBFhdo
> dHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Qu
> c3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTAr
> BgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNybDBXBggr
> BgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZC5zeW1jZC5jb20wJgYI
> KwYBBQUHMAKGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3J0
>
>
> --------------------------------------------
>
> vxn1.datawire.net <http://vxn1.datawire.net/> (based on https://crt.sh/?sha256= <https://crt.sh/?sha256=>
> f9836701e490be00496f758827cb7cd7c3e6ccf3bd019e70b984344b7bee30ba, shown
> below)
>
> -----BEGIN CERTIFICATE-----
> MIIFJjCCBA6gAwIBAgIQF7J0vivjXvfrlJdtps1vxTANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTUxMTIw
> MDAwMDAwWhcNMTYxMTIwMjM1OTU5WjB+MQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBD
> b3Jwb3JhdGlvbjEOMAwGA1UECxQFRFdPUFMxGjAYBgNVBAMUEXZ4bjEuZGF0YXdp
> cmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrY4LUYBjezk
> AryX0ArxEy2XIelxc6IINIGYjZVQ5Ahrmk7HNNkfcEHtTyKwa+7QIn22EQ2izA5c
> 2659t5Xy9WgxTSgJ6Rm+Z04ca7pw1HCTE9ToqGz6XqG9560qEJUNw0nFAjdQKqzr
> KVZADipWGTvduVyqMcL1F1xmQRy2Eqjv8k/QHRfsQWcSgLR0G2DX0aylQ1NPmUmv
> T002uCKd82qkgo7NXoEvS2m+T38Uxh6xso+wcjIWzEWeSTQ8qvBU/9oAmhd4A+gw
> 2L0f/xYUYWJZySGbZXr3indobSkhPTZk+BoEc8nvsD32jL4rL83rIkyUlftsH3ht
> TWubGdmF6wIDAQABo4IBZjCCAWIwHAYDVR0RBBUwE4IRdnhuMS5kYXRhd2lyZS5u
> ZXQwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
> AwEGCCsGAQUFBwMCMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEW
> F2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8v
> ZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFA1EXBZTRMGCfh0gqyX0AWPYvnml
> MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3JsMFcG
> CCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NkLnN5bWNkLmNvbTAm
> BggrBgEFBQcwAoYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcnQwDQYJKoZIhvcN
> AQEFBQADggEBAHpQ1jDkQ32iqdxwsUoFANDF/2ALcwjhkzRKvmbWWHaKBprJAyDL
> sQYR56MBs/oCcT9ALPmcfVzVj3m+hMNTb61i8n9m9Q8sR+43/UkmZElvQ1JzkaGx
> YHf9sfWXzNOUcjO0d+VXfuRY/otPxAIUV48LCYgY7joe8XAQvCL2XR8t7Qnn8DwG
> wCzGnCkCgDBxBVHC6XCKBsaSsuAhED5XG7Lm0MVIPHS6fkC1SGtW29mX+FaiKLop
> RJCGK5BiMOcPeQYIHlh1W809xFAKH/dRJeehpIM7cJZPSxxtiArbqjSn6rMfOE5Z
> 8pTlvBq6Zj1F/U2lIIi21LQKEtlEoBXR5YY=
> -----END CERTIFICATE-----
>
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1038 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :24249CCA94D660E50363FF7F47DC7107
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 181 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa <https://www.verisign.com/rpa> (c)10
> 177:d=2 hl=2 l= 47 cons: SET
> 179:d=3 hl=2 l= 45 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 38 prim: PRINTABLESTRING :VeriSign Class 3 Secure
> Server CA - G3
> 226:d=1 hl=2 l= 30 cons: SEQUENCE
> 228:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 243:d=2 hl=2 l= 13 prim: UTCTIME :161231235959Z
> 258:d=1 hl=2 l= 126 cons: SEQUENCE
> 260:d=2 hl=2 l= 11 cons: SET
> 262:d=3 hl=2 l= 9 cons: SEQUENCE
> 264:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 269:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 273:d=2 hl=2 l= 16 cons: SET
> 275:d=3 hl=2 l= 14 cons: SEQUENCE
> 277:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 282:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 291:d=2 hl=2 l= 16 cons: SET
> 293:d=3 hl=2 l= 14 cons: SEQUENCE
> 295:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 300:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 309:d=2 hl=2 l= 31 cons: SET
> 311:d=3 hl=2 l= 29 cons: SEQUENCE
> 313:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 318:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 342:d=2 hl=2 l= 14 cons: SET
> 344:d=3 hl=2 l= 12 cons: SEQUENCE
> 346:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 351:d=4 hl=2 l= 5 prim: T61STRING :DWOPS
> 358:d=2 hl=2 l= 26 cons: SET
> 360:d=3 hl=2 l= 24 cons: SEQUENCE
> 362:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 367:d=4 hl=2 l= 17 prim: T61STRING :vxn1.datawire.net <http://vxn1.datawire.net/>
> 386:d=1 hl=4 l= 290 cons: SEQUENCE
> 390:d=2 hl=2 l= 13 cons: SEQUENCE
> 392:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 403:d=3 hl=2 l= 0 prim: NULL
> 405:d=2 hl=4 l= 271 prim: BIT STRING
> 680:d=1 hl=4 l= 358 cons: cont [ 3 ]
> 684:d=2 hl=4 l= 354 cons: SEQUENCE
> 688:d=3 hl=2 l= 28 cons: SEQUENCE
> 690:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 695:d=4 hl=2 l= 21 prim: OCTET STRING [HEX
> DUMP]:3013821176786E312E64617461776972652E6E6574
> 718:d=3 hl=2 l= 9 cons: SEQUENCE
> 720:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 725:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 729:d=3 hl=2 l= 14 cons: SEQUENCE
> 731:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 736:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 739:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 745:d=3 hl=2 l= 29 cons: SEQUENCE
> 747:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 752:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 776:d=3 hl=2 l= 97 cons: SEQUENCE
> 778:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 783:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 875:d=3 hl=2 l= 31 cons: SEQUENCE
> 877:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 882:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
> 908:d=3 hl=2 l= 43 cons: SEQUENCE
> 910:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 915:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
> 953:d=3 hl=2 l= 87 cons: SEQUENCE
> 955:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 965:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
>
>
> Base64 TBSCertificate:
> MIIEDqADAgECAhAkJJzKlNZg5QNj/39H3HEHMA0GCSqGSIb3DQEBBQUAMIG1MQsw
> CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
> cmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBo
> dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMS8wLQYDVQQDEyZWZXJp
> U2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAeFw0xNjEwMTQwMDAw
> MDBaFw0xNjEyMzEyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdHZW9y
> Z2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJzdCBEYXRhIENvcnBv
> cmF0aW9uMQ4wDAYDVQQLFAVEV09QUzEaMBgGA1UEAxQRdnhuMS5kYXRhd2lyZS5u
> ZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOtjgtRgGN7OQCvJfQ
> CvETLZch6XFzogg0gZiNlVDkCGuaTsc02R9wQe1PIrBr7tAifbYRDaLMDlzbrn23
> lfL1aDFNKAnpGb5nThxrunDUcJMT1OiobPpeob3nrSoQlQ3DScUCN1AqrOspVkAO
> KlYZO925XKoxwvUXXGZBHLYSqO/yT9AdF+xBZxKAtHQbYNfRrKVDU0+ZSa9PTTa4
> Ip3zaqSCjs1egS9Lab5PfxTGHrGyj7ByMhbMRZ5JNDyq8FT/2gCaF3gD6DDYvR//
> FhRhYlnJIZtleveKd2htKSE9NmT4GgRzye+wPfaMvisvzesiTJSV+2wfeG1Na5sZ
> 2YXrAgMBAAGjggFmMIIBYjAcBgNVHREEFTATghF2eG4xLmRhdGF3aXJlLm5ldDAJ
> BgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
> KwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcCARYXaHR0
> cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5
> bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUwKwYD
> VR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcmwwVwYIKwYB
> BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Quc3ltY2QuY29tMCYGCCsG
> AQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNydA==
>
> From: Ryan Sleevi [mailto:sleevi at google.com <mailto:sleevi at google.com>]
> Sent: Tuesday, October 18, 2016 4:40 PM
> To: Gervase Markham <gerv at mozilla.org <mailto:gerv at mozilla.org>>
> Cc: Dean Coclin <Dean_Coclin at symantec.com <mailto:Dean_Coclin at symantec.com>>; Rob Stradling <rob.stradling at comodo.com <mailto:rob.stradling at comodo.com>>; CABFPub <public at cabforum.org <mailto:public at cabforum.org>>; Halliday, Morgan <Morgan.Halliday at firstdata.com <mailto:Morgan.Halliday at firstdata.com>>; Sidoriak, Evan S <Evan.Sidoriak at firstdata.com <mailto:Evan.Sidoriak at firstdata.com>>
> Subject: Re: [cabfpub] SHA-1 exception request
>
>
>
> On Tue, Oct 18, 2016 at 4:37 PM, Gervase Markham <gerv at mozilla.org <mailto:gerv at mozilla.org>> wrote:
> On 18/10/16 16:35, Ryan Sleevi wrote:
> > On Tue, Oct 18, 2016 at 4:34 PM, Dean Coclin via Public
> > <public at cabforum.org <mailto:public at cabforum.org> <mailto:public at cabforum.org <mailto:public at cabforum.org>>> wrote:
> >
> > While I'm not the technical expert here, assuming we could, wouldn't
> > they
> > then need to undergo the 10 day eval period?
> >
> > Yes
>
> And wouldn't that push the date past the expiry date of their existing
> certs?
>
> Unfortunately, potentially so. But I don't think it would be appropriate to be granting even further exceptions to an inability to follow a policy announced months ago, for the same moral hazard reason of allowing exceptions beyond Dec 31, 2016, when it's spelled out at https://github.com/awhalley/docs-for-comment/blob/master/SHA1RequestProcedure.MD#existing-certificate-information <https://github.com/awhalley/docs-for-comment/blob/master/SHA1RequestProcedure.MD#existing-certificate-information>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org <mailto:Public at cabforum.org>
> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20161020/e6b9237a/attachment-0001.html>
More information about the Public
mailing list