[cabfpub] SHA-1 exception request
Peter Bowen
pzb at amzn.com
Fri Sep 30 05:10:48 UTC 2016
I ran all the tbsCertificates below against a collision detection tool that checks both MD5 and SHA1. The results below show no issues. Note that I included a control sample (the tbsResponseData from Andrew Ayer’s OCSP demo) as well, so the last item is known bad.
md5 df43ef300f427727f362c217684efb8f datawire.tbs
sha1 e1afbe73d5ffbc07457e3f81640b906c4e4c8049 datawire.tbs
md5 13f18c436d76ec1d6d80c0e78ee87588 efsnet.tbs
sha1 66b70c95e0bb94831ea9a1fa300779d82abde81e efsnet.tbs
md5 09a1e6e01a9fd6936508e799b5d9fb8e fdcnet.tbs
sha1 fe139beecf7ec7382fda1cd5ebc4ddcb4f3a8347 fdcnet.tbs
md5 3cd6c8857b9608e09bdc981ae22e7445 vnx1.datawire.tbs
sha1 e3a45e1d4d670c9ecf1710e95ab18aceb7466645 vnx1.datawire.tbs
md5 74f7f20fb1320edc85b16bcc62854743 vxn.datawire.tbs
sha1 0ea656d1eef1769d78d85780e239f965a4f80c32 vxn.datawire.tbs
Found collision in block 16:
dm: dm11=00000002
ihv1=5f7afdb3b761d7d53372601b5f23f079
ihv2=5f7afdb3b761cfd13372581b5f23e879
md5 *coll* 3d2a07f2573d9d788893272c1a2995ff tests/agwa-ocsp.tbs
sha1 948786fed616071a1ea2cd2106e7351bd917f2c5 tests/agwa-ocsp.tbs
> On Sep 29, 2016, at 11:58 AM, Dean Coclin <Dean_Coclin at symantec.com> wrote:
>
> TBS Certificates below. We ask that the community give good consideration to
> this request.
>
> Dean Coclin
> Symantec
>
> To reconstitute the TBSCertificate in binary DER form, use the Linux
> command:
> base64 --decode > tbs.der
> Then paste in a block of text from below, followed by an EOF (control-D).
>
> ----------------------------------------
>
> efsnet.concordebiz.com (based on
> https://crt.sh/?sha256=A6D37F8B062725E722FE2C5EC01C6E740C407D88FD09BAC6797E7
> E9FFA11D534, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFRzCCBC+gAwIBAgIQcKVZiDz4oTfeDd+D7mgNajANBgkqhkiG9w0BAQUFADCB
> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
> DTE0MTAyNzAwMDAwMFoXDTE2MTAyNzIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAw
> DgYDVQQIEwdHZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJz
> dCBEYXRhIENvcnBvcmF0aW9uMQ4wDAYDVQQLFAVOV0lDUzEfMB0GA1UEAxQWZWZz
> bmV0LmNvbmNvcmRlYml6LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
> ggEBAPopX3/CP3tpiAKQBApPqe+lzmYpDbnQaLYyC7MArS3K/S1BwbsSMyw5BsV3
> tsPohsXdDWT19GUvJZSCUjF4RiG7evB74AtzQedL/K8uluG/BAB8l+hceNgQSjyb
> JYhpr/F+qFPLYpfIcwJgoQ6Mt7gCWU4qwsUgBBT/OndbCw8vW9hctqzak5Qtz4Z+
> YJVEbIOE4L7MUYM7t96A1Bge7H7cygmlCZmGCIhMPGuVGwPDJOHcTzg6+6SpyLRB
> /wpCZj3pMDdkXsZTMu1JF/UT0hRS0Pj4mjhEF7/+FWZr/LnaubulLclnWuR62lPl
> ZBfKl9FVojPq/hh9GhttzdYq0PMCAwEAAaOCAXowggF2MCEGA1UdEQQaMBiCFmVm
> c25ldC5jb25jb3JkZWJpei5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAw
> KAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEwZQYDVR0g
> BF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1j
> Yi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
> MB8GA1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1MCsGA1UdHwQkMCIwIKAe
> oByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMFcGCCsGAQUFBwEBBEswSTAf
> BggrBgEFBQcwAYYTaHR0cDovL3NlLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0
> cDovL3NlLnN5bWNiLmNvbS9zZS5jcnQwDQYJKoZIhvcNAQEFBQADggEBAA0KIMJG
> eMtxtiDtAS9F6UZNhB5Lk97ZbK/QEuOsDeUdjbHqh2NbKtbWs0CEJI0wlVU9zkuI
> C0IOId0FnURdPz8WOvjwB1pZotniPVWZQ3lBbB+OrlO1WQzhMm26fOTz1o16Ohuu
> 5GNgjrBdy98fEW8Iklo2NZY8/PO6Hgy6NcfX0RfewbEN76yfc6ybl8OFh8rWsnFL
> JLLYnbe4etP4ZSu2e3lhNApQsNMINbP9/+A7qfYhJB3MrXsHUDfj22TC7NkFVU6O
> KbE09qqa50iUdNR/O+a76efWzx0F27nuxy1EBBDRyObtdnf2IFvJISH1PdLWNnmH
> aZRn54CARahmCqs=
> -----END CERTIFICATE-----
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1071 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :27438863D2DEF739D263E0D0F4C607E3
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170317235959Z
> 265:d=1 hl=3 l= 131 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 16 cons: SET
> 301:d=3 hl=2 l= 14 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 317:d=2 hl=2 l= 31 cons: SET
> 319:d=3 hl=2 l= 29 cons: SEQUENCE
> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 326:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 350:d=2 hl=2 l= 14 cons: SET
> 352:d=3 hl=2 l= 12 cons: SEQUENCE
> 354:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 359:d=4 hl=2 l= 5 prim: T61STRING :NWICS
> 366:d=2 hl=2 l= 31 cons: SET
> 368:d=3 hl=2 l= 29 cons: SEQUENCE
> 370:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 375:d=4 hl=2 l= 22 prim: T61STRING :efsnet.concordebiz.com
> 399:d=1 hl=4 l= 290 cons: SEQUENCE
> 403:d=2 hl=2 l= 13 cons: SEQUENCE
> 405:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 416:d=3 hl=2 l= 0 prim: NULL
> 418:d=2 hl=4 l= 271 prim: BIT STRING
> 693:d=1 hl=4 l= 378 cons: cont [ 3 ]
> 697:d=2 hl=4 l= 374 cons: SEQUENCE
> 701:d=3 hl=2 l= 33 cons: SEQUENCE
> 703:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 708:d=4 hl=2 l= 26 prim: OCTET STRING [HEX
> DUMP]:301882166566736E65742E636F6E636F72646562697A2E636F6D
> 736:d=3 hl=2 l= 9 cons: SEQUENCE
> 738:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 743:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 747:d=3 hl=2 l= 14 cons: SEQUENCE
> 749:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 754:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 757:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 763:d=3 hl=2 l= 40 cons: SEQUENCE
> 765:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 770:d=4 hl=2 l= 33 prim: OCTET STRING [HEX
> DUMP]:301F06082B0601050507030106082B0601050507030206096086480186F8420401
> 805:d=3 hl=2 l= 101 cons: SEQUENCE
> 807:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 812:d=4 hl=2 l= 94 prim: OCTET STRING [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
> 908:d=3 hl=2 l= 31 cons: SEQUENCE
> 910:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 915:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
> 941:d=3 hl=2 l= 43 cons: SEQUENCE
> 943:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 948:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 986:d=3 hl=2 l= 87 cons: SEQUENCE
> 988:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 998:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
>
> Base64 TBSCertificate:
> MIIEL6ADAgECAhAnQ4hj0t73OdJj4ND0xgfjMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYxMDE0MDAwMDAwWhcNMTcwMzE3MjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEgQ29y
> cG9yYXRpb24xDjAMBgNVBAsUBU5XSUNTMR8wHQYDVQQDFBZlZnNuZXQuY29uY29yZGViaXouY29t
> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ilff8I/e2mIApAECk+p76XOZikNudBo
> tjILswCtLcr9LUHBuxIzLDkGxXe2w+iGxd0NZPX0ZS8llIJSMXhGIbt68HvgC3NB50v8ry6W4b8E
> AHyX6Fx42BBKPJsliGmv8X6oU8til8hzAmChDoy3uAJZTirCxSAEFP86d1sLDy9b2Fy2rNqTlC3P
> hn5glURsg4TgvsxRgzu33oDUGB7sftzKCaUJmYYIiEw8a5UbA8Mk4dxPODr7pKnItEH/CkJmPekw
> N2RexlMy7UkX9RPSFFLQ+PiaOEQXv/4VZmv8udq5u6UtyWda5HraU+VkF8qX0VWiM+r+GH0aG23N
> 1irQ8wIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWZWZzbmV0LmNvbmNvcmRlYml6LmNvbTAJBgNV
> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCG
> SAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9k
> LnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYD
> VR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3Nl
> LnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uu
> c3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydA==
>
>
> -----------------------------------
>
> prod.dw.us.fdcnet.biz (based on
> https://crt.sh/?sha256=1B7004DBDDF8F649948304CEA18B3919A668AEDB7B1BC45BAC8E9
> 0CD59913C4F, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFRTCCBC2gAwIBAgIQA9N1TT3RQCYREke2ZUyiMDANBgkqhkiG9w0BAQUFADCB
> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
> DTE0MTAyNzAwMDAwMFoXDTE2MTAyNzIzNTk1OVowgYIxCzAJBgNVBAYTAlVTMRAw
> DgYDVQQIEwdHZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJz
> dCBEYXRhIENvcnBvcmF0aW9uMQ4wDAYDVQQLFAVOV0lDUzEeMBwGA1UEAxQVcHJv
> ZC5kdy51cy5mZGNuZXQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
> AQEA1kCMHpW82GAzU7/GaW1kThk+rvEkvU+jNc97f1SdaAgeTPr1P9Ktoec6qlun
> rHhWD8oc6ipgr5CzIu8XNSF/fOYVDcgN8GOop7HrNtggbf+THn/VkiX4DTLW5eCH
> hDKaegMrM2uMBquKHWPY/bk9vAPPCG4TUe6p06zICtmAfp3wDK+XcZrsFlWgtGEs
> ZZsEYeuvOvwG7tuORCNDKJhgRWM9Ga597tuHA5I3pRBPWJnkHamN5TNf5js3uAT9
> Sv8l2ZSjbeFZVzTse7JfjOWAu2jbAFq5oUPrOAQsjo5G81gueilr+nhrFqVxIFK9
> FJihSAoSTQoZvGi2XFNET8yRVwIDAQABo4IBeTCCAXUwIAYDVR0RBBkwF4IVcHJv
> ZC5kdy51cy5mZGNuZXQuYml6MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCgG
> A1UdJQQhMB8GCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBMGUGA1UdIARe
> MFwwWgYKYIZIAYb4RQEHNjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2Iu
> Y29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAf
> BgNVHSMEGDAWgBTXm3zYIqAV992tX84pm1jDvEYAtTArBgNVHR8EJDAiMCCgHqAc
> hhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNybDBXBggrBgEFBQcBAQRLMEkwHwYI
> KwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6
> Ly9zZS5zeW1jYi5jb20vc2UuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQAyFdPtk7kZ
> Q2MuQvVEYn+gTDcEuDAbuYrkWYQrBPxM12rPY2iavAK3coOCdyybxT0FZoguwbqt
> uyhPj62dUnUJrGJTrIIsoSggGLqps210mx3WF9/W4mFPfqY7mw0wCc2nDqtTJQkD
> y9J5cibHRJuqynqFmN3jOjQxyL5uc2YJbbzcdWX0JBV+Q01enplXKZ2Szxll8vn+
> /4TuIhYvaIj4NlutNrCgtPULe6TAeacMcMWJeMRgiaBBLdNWtf2POJ0k9yw7adx0
> cGIS4o7oaBeOdpk58581Fzn7CA4Hnj5RBd9M7zKEWeAkShHCzOEqTO5Tvs+lZUy2
> 80Z+cwAY5cWv
> -----END CERTIFICATE-----
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1069 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :20C24DFC0453E8B189F4A1E937299C84
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 188 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 54 cons: SET
> 179:d=3 hl=2 l= 52 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 45 prim: PRINTABLESTRING :VeriSign Class 3
> International Server CA - G3
> 233:d=1 hl=2 l= 30 cons: SEQUENCE
> 235:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 250:d=2 hl=2 l= 13 prim: UTCTIME :170317235959Z
> 265:d=1 hl=3 l= 130 cons: SEQUENCE
> 268:d=2 hl=2 l= 11 cons: SET
> 270:d=3 hl=2 l= 9 cons: SEQUENCE
> 272:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 277:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 281:d=2 hl=2 l= 16 cons: SET
> 283:d=3 hl=2 l= 14 cons: SEQUENCE
> 285:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 290:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 299:d=2 hl=2 l= 16 cons: SET
> 301:d=3 hl=2 l= 14 cons: SEQUENCE
> 303:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 308:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 317:d=2 hl=2 l= 31 cons: SET
> 319:d=3 hl=2 l= 29 cons: SEQUENCE
> 321:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 326:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 350:d=2 hl=2 l= 14 cons: SET
> 352:d=3 hl=2 l= 12 cons: SEQUENCE
> 354:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 359:d=4 hl=2 l= 5 prim: T61STRING :NWICS
> 366:d=2 hl=2 l= 30 cons: SET
> 368:d=3 hl=2 l= 28 cons: SEQUENCE
> 370:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 375:d=4 hl=2 l= 21 prim: T61STRING :prod.dw.us.fdcnet.biz
> 398:d=1 hl=4 l= 290 cons: SEQUENCE
> 402:d=2 hl=2 l= 13 cons: SEQUENCE
> 404:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 415:d=3 hl=2 l= 0 prim: NULL
> 417:d=2 hl=4 l= 271 prim: BIT STRING
> 692:d=1 hl=4 l= 377 cons: cont [ 3 ]
> 696:d=2 hl=4 l= 373 cons: SEQUENCE
> 700:d=3 hl=2 l= 32 cons: SEQUENCE
> 702:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 707:d=4 hl=2 l= 25 prim: OCTET STRING [HEX
> DUMP]:3017821570726F642E64772E75732E6664636E65742E62697A
> 734:d=3 hl=2 l= 9 cons: SEQUENCE
> 736:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 741:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 745:d=3 hl=2 l= 14 cons: SEQUENCE
> 747:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 752:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 755:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 761:d=3 hl=2 l= 40 cons: SEQUENCE
> 763:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 768:d=4 hl=2 l= 33 prim: OCTET STRING [HEX
> DUMP]:301F06082B0601050507030106082B0601050507030206096086480186F8420401
> 803:d=3 hl=2 l= 101 cons: SEQUENCE
> 805:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 810:d=4 hl=2 l= 94 prim: OCTET STRING [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
> 906:d=3 hl=2 l= 31 cons: SEQUENCE
> 908:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 913:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
> 939:d=3 hl=2 l= 43 cons: SEQUENCE
> 941:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 946:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
> 984:d=3 hl=2 l= 87 cons: SEQUENCE
> 986:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 996:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
>
> Base64 TBSCertificate:
> MIIELaADAgECAhAgwk38BFPosYn0oek3KZyEMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYxMDE0MDAwMDAwWhcNMTcwMzE3MjM1OTU5WjCBgjELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEgQ29y
> cG9yYXRpb24xDjAMBgNVBAsUBU5XSUNTMR4wHAYDVQQDFBVwcm9kLmR3LnVzLmZkY25ldC5iaXow
> ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWQIwelbzYYDNTv8ZpbWROGT6u8SS9T6M1
> z3t/VJ1oCB5M+vU/0q2h5zqqW6eseFYPyhzqKmCvkLMi7xc1IX985hUNyA3wY6inses22CBt/5Me
> f9WSJfgNMtbl4IeEMpp6Aysza4wGq4odY9j9uT28A88IbhNR7qnTrMgK2YB+nfAMr5dxmuwWVaC0
> YSxlmwRh6686/Abu245EI0MomGBFYz0Zrn3u24cDkjelEE9YmeQdqY3lM1/mOze4BP1K/yXZlKNt
> 4VlXNOx7sl+M5YC7aNsAWrmhQ+s4BCyOjkbzWC56KWv6eGsWpXEgUr0UmKFIChJNChm8aLZcU0RP
> zJFXAgMBAAGjggF5MIIBdTAgBgNVHREEGTAXghVwcm9kLmR3LnVzLmZkY25ldC5iaXowCQYDVR0T
> BAIwADAOBgNVHQ8BAf8EBAMCBaAwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgB
> hvhCBAEwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
> eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1Ud
> IwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5z
> eW1jYi5jb20vc2UuY3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NlLnN5
> bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NlLnN5bWNiLmNvbS9zZS5jcnQ=
>
>
> --------------------------------------------
>
> support.datawire.net (based on
> https://crt.sh/?sha256=4dec1059061a0a30a99bc8410162ec2bfa5f84a03ed1388841569
> 4ab182c1fb5, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFNDCCBBygAwIBAgIQIX0er30siBqy4r46XFhn1jANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQxMDI5
> MDAwMDAwWhcNMTYxMDI5MjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
> B0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEg
> Q29ycG9yYXRpb24xETAPBgNVBAsUCERhdGF3aXJlMR0wGwYDVQQDFBRzdXBwb3J0
> LmRhdGF3aXJlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANc4
> +MVG/beelCw0hKtSYx17rM5aHxPmzjcKBMgEOEJjoJ8fNVa+ja18J9SvbFio0r49
> BjlKtCBdBjfghhtD9oimOkDLonVi/Bg+kLKci23xn1kkFFDwkLLadmpYT+Kliq03
> W28cY/ztB+kXFmnsbZ/umpPKA5ffbUKjKLchpMv+d/tZB2WWvQn5JXwVbFayMt5X
> eQpaP5NhGkjHEFlEblDBUXJpsrsj18/IsdICzyg1+GPt7SWwQI0BF/N5L+dYNHJ9
> 7sLHJ6/hj1ecS+q8NjwM1YcsEHoiYFdC22KMMQGfLQi5T9sxeM+FWkerL49tgiii
> eb4xqW2O3gEFy9Z4AV0CAwEAAaOCAW0wggFpMB8GA1UdEQQYMBaCFHN1cHBvcnQu
> ZGF0YXdpcmUubmV0MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
> MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYw
> TDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUH
> AgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNE
> wYJ+HSCrJfQBY9i+eaUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNi
> LmNvbS9zZC5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8v
> c2Quc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3Nk
> LmNydDANBgkqhkiG9w0BAQUFAAOCAQEAZhkiyE6cHiH/TRYN8pKrpxOGSmep6/2R
> WUtjvlGhOnWMWU1Nktk/rJghTGOjKtW/KDqsuucHHquld9N+NUxdcvQY/xjd/MoS
> BPsJjoK1ATwEUlOAmHNcFahrM+bZJYwO1pTdn3dRcnZU/N1v3ioMmcGxqKEcC83P
> wxusfTgJca0X/TvMilT69y/2tw37RhUywYAosOyVJaIWV6t0ckHqRY3fN5wRJUf4
> 3Nw2g6cj5I1381Yh/XCQEehnGY8dsSXmgNOudI+PdwmyqmJLDD31XDDhVpxsxLaF
> 6ffj0ylMV+ocIogA46VeDCkOaNpCjz6G/L0Qv1/gI2IF8ZyMNvoMYA==
> -----END CERTIFICATE-----
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1052 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :23754E9A4A58BDD3C160079CB8FBDC58
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 181 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 47 cons: SET
> 179:d=3 hl=2 l= 45 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 38 prim: PRINTABLESTRING :VeriSign Class 3 Secure
> Server CA - G3
> 226:d=1 hl=2 l= 30 cons: SEQUENCE
> 228:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 243:d=2 hl=2 l= 13 prim: UTCTIME :170317235959Z
> 258:d=1 hl=3 l= 132 cons: SEQUENCE
> 261:d=2 hl=2 l= 11 cons: SET
> 263:d=3 hl=2 l= 9 cons: SEQUENCE
> 265:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 270:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 274:d=2 hl=2 l= 16 cons: SET
> 276:d=3 hl=2 l= 14 cons: SEQUENCE
> 278:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 283:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 292:d=2 hl=2 l= 16 cons: SET
> 294:d=3 hl=2 l= 14 cons: SEQUENCE
> 296:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 301:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 310:d=2 hl=2 l= 31 cons: SET
> 312:d=3 hl=2 l= 29 cons: SEQUENCE
> 314:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 319:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 343:d=2 hl=2 l= 17 cons: SET
> 345:d=3 hl=2 l= 15 cons: SEQUENCE
> 347:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 352:d=4 hl=2 l= 8 prim: T61STRING :Datawire
> 362:d=2 hl=2 l= 29 cons: SET
> 364:d=3 hl=2 l= 27 cons: SEQUENCE
> 366:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 371:d=4 hl=2 l= 20 prim: T61STRING :support.datawire.net
> 393:d=1 hl=4 l= 290 cons: SEQUENCE
> 397:d=2 hl=2 l= 13 cons: SEQUENCE
> 399:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 410:d=3 hl=2 l= 0 prim: NULL
> 412:d=2 hl=4 l= 271 prim: BIT STRING
> 687:d=1 hl=4 l= 365 cons: cont [ 3 ]
> 691:d=2 hl=4 l= 361 cons: SEQUENCE
> 695:d=3 hl=2 l= 31 cons: SEQUENCE
> 697:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 702:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:30168214737570706F72742E64617461776972652E6E6574
> 728:d=3 hl=2 l= 9 cons: SEQUENCE
> 730:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 735:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 739:d=3 hl=2 l= 14 cons: SEQUENCE
> 741:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 746:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 749:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 755:d=3 hl=2 l= 29 cons: SEQUENCE
> 757:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 762:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 786:d=3 hl=2 l= 101 cons: SEQUENCE
> 788:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 793:d=4 hl=2 l= 94 prim: OCTET STRING [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
> 889:d=3 hl=2 l= 31 cons: SEQUENCE
> 891:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 896:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
> 922:d=3 hl=2 l= 43 cons: SEQUENCE
> 924:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 929:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
> 967:d=3 hl=2 l= 87 cons: SEQUENCE
> 969:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 979:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
>
> Base64 TBSCertificate:
> MIIEHKADAgECAhAjdU6aSli908FgB5y4+9xYMA0GCSqGSIb3DQEBBQUAMIG1MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAe
> Fw0xNjEwMTQwMDAwMDBaFw0xNzAzMTcyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBDb3Jwb3JhdGlv
> bjERMA8GA1UECxQIRGF0YXdpcmUxHTAbBgNVBAMUFHN1cHBvcnQuZGF0YXdpcmUubmV0MIIBIjAN
> BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zj4xUb9t56ULDSEq1JjHXuszlofE+bONwoEyAQ4
> QmOgnx81Vr6NrXwn1K9sWKjSvj0GOUq0IF0GN+CGG0P2iKY6QMuidWL8GD6QspyLbfGfWSQUUPCQ
> stp2alhP4qWKrTdbbxxj/O0H6RcWaextn+6ak8oDl99tQqMotyGky/53+1kHZZa9CfklfBVsVrIy
> 3ld5Clo/k2EaSMcQWURuUMFRcmmyuyPXz8ix0gLPKDX4Y+3tJbBAjQEX83kv51g0cn3uwscnr+GP
> V5xL6rw2PAzVhywQeiJgV0LbYowxAZ8tCLlP2zF4z4VaR6svj22CKKJ5vjGpbY7eAQXL1ngBXQID
> AQABo4IBbTCCAWkwHwYDVR0RBBgwFoIUc3VwcG9ydC5kYXRhd2lyZS5uZXQwCQYDVR0TBAIwADAO
> BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGUGA1UdIAReMFww
> WgYKYIZIAYb4RQEHNjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggr
> BgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQNRFwWU0TBgn4d
> IKsl9AFj2L55pTArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNybDBX
> BggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZC5zeW1jZC5jb20wJgYIKwYBBQUH
> MAKGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3J0
>
>
> ----------------------------------------------
>
> vxn.datawire.net (based on
> https://crt.sh/?sha256=BD41104E071B4B8EE67395FC916C333FE05B06737D6E50B4E4673
> C3A76CA2110, shown below)
>
> -----BEGIN CERTIFICATE-----
> MIIFKDCCBBCgAwIBAgIQcU8GvyL+RFnjJEvuiTDsUzANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTUxMTIw
> MDAwMDAwWhcNMTYxMTIwMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
> B0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEg
> Q29ycG9yYXRpb24xETAPBgNVBAsUCERhdGF3aXJlMRkwFwYDVQQDFBB2eG4uZGF0
> YXdpcmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDba7upf
> JEgF7+P2H/KdNsKrsQ7qHv8XAPjOQVoiedCoPmjz2ITA/VZR3+aOxf6GwhMkXSR5
> w6I9MquJHT5Nj4O9WeAkpWLo86SVPSRWqMRWKv1XbOZOSpZCAgn7piUqzjixILWh
> NRJacpJr/sjDS5AmV8t8ckStlsghiAWR8UXMXto8k8G9afZT0BNZKZtMub6fDIbu
> gPifVmm6gK76RnAFVwXGG5NunXTj9MQwp7EYtu0+5x4Ryb5XB5moOnZQE+bCNMlP
> 1umpbgKNzZxeEqLZgRz3TbOBpehuYplb2M6axjd8vQlfsXJqEYgWUlWVH+d3VaUU
> nEr3QkAMtqOhuQIDAQABo4IBZTCCAWEwGwYDVR0RBBQwEoIQdnhuLmRhdGF3aXJl
> Lm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
> BQcDAQYIKwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcC
> ARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6
> Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+
> eaUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcmww
> VwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Quc3ltY2QuY29t
> MCYGCCsGAQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNydDANBgkqhkiG
> 9w0BAQUFAAOCAQEAh8kZ9DvUDx/HMH2D69a6HxRcEf+OOLHrGmrCLS1Trp3UI3ci
> x38ohV4HRfkmV+cg/1mctCSSfOaecre9NJvXYLSbrwWg90tT7fZlkG/VH+50VVmV
> yUPVyUdhAg87E01FcqeW8gV1GRNlZ5S/y9Vi1C9+yIPpzFEUuwxbqZaLbeElvYJg
> ydtjZwLT7UwlERhZLzxAFB4uU9G9Ghi2qgkvKPAFZhdk3MXD79iWi9YUYOUDQA3+
> 6ikPcUMn4KCxJvNSURTBVQuz0qGQw1pp2ON9GIiSxw24ha6L3BbZMJrKRKPTOjy8
> YasYiS4hpUDvlwl5MMlOCuCE8/gnPvju9UHALg==
> -----END CERTIFICATE-----
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1040 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :6BFAA1E1CF6B3068033D10AB7AE42DDE
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 181 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 47 cons: SET
> 179:d=3 hl=2 l= 45 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 38 prim: PRINTABLESTRING :VeriSign Class 3 Secure
> Server CA - G3
> 226:d=1 hl=2 l= 30 cons: SEQUENCE
> 228:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 243:d=2 hl=2 l= 13 prim: UTCTIME :170317235959Z
> 258:d=1 hl=3 l= 128 cons: SEQUENCE
> 261:d=2 hl=2 l= 11 cons: SET
> 263:d=3 hl=2 l= 9 cons: SEQUENCE
> 265:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 270:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 274:d=2 hl=2 l= 16 cons: SET
> 276:d=3 hl=2 l= 14 cons: SEQUENCE
> 278:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 283:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 292:d=2 hl=2 l= 16 cons: SET
> 294:d=3 hl=2 l= 14 cons: SEQUENCE
> 296:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 301:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 310:d=2 hl=2 l= 31 cons: SET
> 312:d=3 hl=2 l= 29 cons: SEQUENCE
> 314:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 319:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 343:d=2 hl=2 l= 17 cons: SET
> 345:d=3 hl=2 l= 15 cons: SEQUENCE
> 347:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 352:d=4 hl=2 l= 8 prim: T61STRING :Datawire
> 362:d=2 hl=2 l= 25 cons: SET
> 364:d=3 hl=2 l= 23 cons: SEQUENCE
> 366:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 371:d=4 hl=2 l= 16 prim: T61STRING :vxn.datawire.net
> 389:d=1 hl=4 l= 290 cons: SEQUENCE
> 393:d=2 hl=2 l= 13 cons: SEQUENCE
> 395:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 406:d=3 hl=2 l= 0 prim: NULL
> 408:d=2 hl=4 l= 271 prim: BIT STRING
> 683:d=1 hl=4 l= 357 cons: cont [ 3 ]
> 687:d=2 hl=4 l= 353 cons: SEQUENCE
> 691:d=3 hl=2 l= 27 cons: SEQUENCE
> 693:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 698:d=4 hl=2 l= 20 prim: OCTET STRING [HEX
> DUMP]:3012821076786E2E64617461776972652E6E6574
> 720:d=3 hl=2 l= 9 cons: SEQUENCE
> 722:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 727:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 731:d=3 hl=2 l= 14 cons: SEQUENCE
> 733:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 738:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 741:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 747:d=3 hl=2 l= 29 cons: SEQUENCE
> 749:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 754:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 778:d=3 hl=2 l= 97 cons: SEQUENCE
> 780:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 785:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 877:d=3 hl=2 l= 31 cons: SEQUENCE
> 879:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 884:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
> 910:d=3 hl=2 l= 43 cons: SEQUENCE
> 912:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 917:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
> 955:d=3 hl=2 l= 87 cons: SEQUENCE
> 957:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 967:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
>
> Base64 TBSCertificate:
> MIIEEKADAgECAhBr+qHhz2swaAM9EKt65C3eMA0GCSqGSIb3DQEBBQUAMIG1MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAe
> Fw0xNjEwMTQwMDAwMDBaFw0xNzAzMTcyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBDb3Jwb3JhdGlv
> bjERMA8GA1UECxQIRGF0YXdpcmUxGTAXBgNVBAMUEHZ4bi5kYXRhd2lyZS5uZXQwggEiMA0GCSqG
> SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNtru6l8kSAXv4/Yf8p02wquxDuoe/xcA+M5BWiJ50Kg+
> aPPYhMD9VlHf5o7F/obCEyRdJHnDoj0yq4kdPk2Pg71Z4CSlYujzpJU9JFaoxFYq/Vds5k5KlkIC
> CfumJSrOOLEgtaE1Elpykmv+yMNLkCZXy3xyRK2WyCGIBZHxRcxe2jyTwb1p9lPQE1kpm0y5vp8M
> hu6A+J9WabqArvpGcAVXBcYbk26ddOP0xDCnsRi27T7nHhHJvlcHmag6dlAT5sI0yU/W6aluAo3N
> nF4SotmBHPdNs4Gl6G5imVvYzprGN3y9CV+xcmoRiBZSVZUf53dVpRScSvdCQAy2o6G5AgMBAAGj
> ggFlMIIBYTAbBgNVHREEFDASghB2eG4uZGF0YXdpcmUubmV0MAkGA1UdEwQCMAAwDgYDVR0PAQH/
> BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBhBgNVHSAEWjBYMFYGBmeBDAEC
> AjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZGhdo
> dHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTAr
> BgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNybDBXBggrBgEFBQcBAQRL
> MEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZC5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9z
> ZC5zeW1jYi5jb20vc2QuY3J0
>
>
> --------------------------------------------
>
> vxn1.datawire.net (based on https://crt.sh/?sha256=
> f9836701e490be00496f758827cb7cd7c3e6ccf3bd019e70b984344b7bee30ba, shown
> below)
>
> -----BEGIN CERTIFICATE-----
> MIIFJjCCBA6gAwIBAgIQF7J0vivjXvfrlJdtps1vxTANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTUxMTIw
> MDAwMDAwWhcNMTYxMTIwMjM1OTU5WjB+MQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBD
> b3Jwb3JhdGlvbjEOMAwGA1UECxQFRFdPUFMxGjAYBgNVBAMUEXZ4bjEuZGF0YXdp
> cmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrY4LUYBjezk
> AryX0ArxEy2XIelxc6IINIGYjZVQ5Ahrmk7HNNkfcEHtTyKwa+7QIn22EQ2izA5c
> 2659t5Xy9WgxTSgJ6Rm+Z04ca7pw1HCTE9ToqGz6XqG9560qEJUNw0nFAjdQKqzr
> KVZADipWGTvduVyqMcL1F1xmQRy2Eqjv8k/QHRfsQWcSgLR0G2DX0aylQ1NPmUmv
> T002uCKd82qkgo7NXoEvS2m+T38Uxh6xso+wcjIWzEWeSTQ8qvBU/9oAmhd4A+gw
> 2L0f/xYUYWJZySGbZXr3indobSkhPTZk+BoEc8nvsD32jL4rL83rIkyUlftsH3ht
> TWubGdmF6wIDAQABo4IBZjCCAWIwHAYDVR0RBBUwE4IRdnhuMS5kYXRhd2lyZS5u
> ZXQwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
> AwEGCCsGAQUFBwMCMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEW
> F2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8v
> ZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFA1EXBZTRMGCfh0gqyX0AWPYvnml
> MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3JsMFcG
> CCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NkLnN5bWNkLmNvbTAm
> BggrBgEFBQcwAoYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcnQwDQYJKoZIhvcN
> AQEFBQADggEBAHpQ1jDkQ32iqdxwsUoFANDF/2ALcwjhkzRKvmbWWHaKBprJAyDL
> sQYR56MBs/oCcT9ALPmcfVzVj3m+hMNTb61i8n9m9Q8sR+43/UkmZElvQ1JzkaGx
> YHf9sfWXzNOUcjO0d+VXfuRY/otPxAIUV48LCYgY7joe8XAQvCL2XR8t7Qnn8DwG
> wCzGnCkCgDBxBVHC6XCKBsaSsuAhED5XG7Lm0MVIPHS6fkC1SGtW29mX+FaiKLop
> RJCGK5BiMOcPeQYIHlh1W809xFAKH/dRJeehpIM7cJZPSxxtiArbqjSn6rMfOE5Z
> 8pTlvBq6Zj1F/U2lIIi21LQKEtlEoBXR5YY=
> -----END CERTIFICATE-----
>
> Parsed TBSCertificate:
> 0:d=0 hl=4 l=1038 cons: SEQUENCE
> 4:d=1 hl=2 l= 3 cons: cont [ 0 ]
> 6:d=2 hl=2 l= 1 prim: INTEGER :02
> 9:d=1 hl=2 l= 16 prim: INTEGER
> :24249CCA94D660E50363FF7F47DC7107
> 27:d=1 hl=2 l= 13 cons: SEQUENCE
> 29:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
> 40:d=2 hl=2 l= 0 prim: NULL
> 42:d=1 hl=3 l= 181 cons: SEQUENCE
> 45:d=2 hl=2 l= 11 cons: SET
> 47:d=3 hl=2 l= 9 cons: SEQUENCE
> 49:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 54:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 58:d=2 hl=2 l= 23 cons: SET
> 60:d=3 hl=2 l= 21 cons: SEQUENCE
> 62:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 67:d=4 hl=2 l= 14 prim: PRINTABLESTRING :VeriSign, Inc.
> 83:d=2 hl=2 l= 31 cons: SET
> 85:d=3 hl=2 l= 29 cons: SEQUENCE
> 87:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 92:d=4 hl=2 l= 22 prim: PRINTABLESTRING :VeriSign Trust Network
> 116:d=2 hl=2 l= 59 cons: SET
> 118:d=3 hl=2 l= 57 cons: SEQUENCE
> 120:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 125:d=4 hl=2 l= 50 prim: PRINTABLESTRING :Terms of use at
> https://www.verisign.com/rpa (c)10
> 177:d=2 hl=2 l= 47 cons: SET
> 179:d=3 hl=2 l= 45 cons: SEQUENCE
> 181:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 186:d=4 hl=2 l= 38 prim: PRINTABLESTRING :VeriSign Class 3 Secure
> Server CA - G3
> 226:d=1 hl=2 l= 30 cons: SEQUENCE
> 228:d=2 hl=2 l= 13 prim: UTCTIME :161014000000Z
> 243:d=2 hl=2 l= 13 prim: UTCTIME :170317235959Z
> 258:d=1 hl=2 l= 126 cons: SEQUENCE
> 260:d=2 hl=2 l= 11 cons: SET
> 262:d=3 hl=2 l= 9 cons: SEQUENCE
> 264:d=4 hl=2 l= 3 prim: OBJECT :countryName
> 269:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US
> 273:d=2 hl=2 l= 16 cons: SET
> 275:d=3 hl=2 l= 14 cons: SEQUENCE
> 277:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
> 282:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Georgia
> 291:d=2 hl=2 l= 16 cons: SET
> 293:d=3 hl=2 l= 14 cons: SEQUENCE
> 295:d=4 hl=2 l= 3 prim: OBJECT :localityName
> 300:d=4 hl=2 l= 7 prim: T61STRING :Atlanta
> 309:d=2 hl=2 l= 31 cons: SET
> 311:d=3 hl=2 l= 29 cons: SEQUENCE
> 313:d=4 hl=2 l= 3 prim: OBJECT :organizationName
> 318:d=4 hl=2 l= 22 prim: T61STRING :First Data Corporation
> 342:d=2 hl=2 l= 14 cons: SET
> 344:d=3 hl=2 l= 12 cons: SEQUENCE
> 346:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName
> 351:d=4 hl=2 l= 5 prim: T61STRING :DWOPS
> 358:d=2 hl=2 l= 26 cons: SET
> 360:d=3 hl=2 l= 24 cons: SEQUENCE
> 362:d=4 hl=2 l= 3 prim: OBJECT :commonName
> 367:d=4 hl=2 l= 17 prim: T61STRING :vxn1.datawire.net
> 386:d=1 hl=4 l= 290 cons: SEQUENCE
> 390:d=2 hl=2 l= 13 cons: SEQUENCE
> 392:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption
> 403:d=3 hl=2 l= 0 prim: NULL
> 405:d=2 hl=4 l= 271 prim: BIT STRING
> 680:d=1 hl=4 l= 358 cons: cont [ 3 ]
> 684:d=2 hl=4 l= 354 cons: SEQUENCE
> 688:d=3 hl=2 l= 28 cons: SEQUENCE
> 690:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative
> Name
> 695:d=4 hl=2 l= 21 prim: OCTET STRING [HEX
> DUMP]:3013821176786E312E64617461776972652E6E6574
> 718:d=3 hl=2 l= 9 cons: SEQUENCE
> 720:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
> 725:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000
> 729:d=3 hl=2 l= 14 cons: SEQUENCE
> 731:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
> 736:d=4 hl=2 l= 1 prim: BOOLEAN :255
> 739:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0
> 745:d=3 hl=2 l= 29 cons: SEQUENCE
> 747:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
> 752:d=4 hl=2 l= 22 prim: OCTET STRING [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
> 776:d=3 hl=2 l= 97 cons: SEQUENCE
> 778:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies
> 783:d=4 hl=2 l= 90 prim: OCTET STRING [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
> 875:d=3 hl=2 l= 31 cons: SEQUENCE
> 877:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key
> Identifier
> 882:d=4 hl=2 l= 24 prim: OCTET STRING [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
> 908:d=3 hl=2 l= 43 cons: SEQUENCE
> 910:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution
> Points
> 915:d=4 hl=2 l= 36 prim: OCTET STRING [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
> 953:d=3 hl=2 l= 87 cons: SEQUENCE
> 955:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access
> 965:d=4 hl=2 l= 75 prim: OCTET STRING [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
>
> Base64 TBSCertificate:
> MIIEDqADAgECAhAkJJzKlNZg5QNj/39H3HEHMA0GCSqGSIb3DQEBBQUAMIG1MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAe
> Fw0xNjEwMTQwMDAwMDBaFw0xNzAzMTcyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdH
> ZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJzdCBEYXRhIENvcnBvcmF0aW9u
> MQ4wDAYDVQQLFAVEV09QUzEaMBgGA1UEAxQRdnhuMS5kYXRhd2lyZS5uZXQwggEiMA0GCSqGSIb3
> DQEBAQUAA4IBDwAwggEKAoIBAQDOtjgtRgGN7OQCvJfQCvETLZch6XFzogg0gZiNlVDkCGuaTsc0
> 2R9wQe1PIrBr7tAifbYRDaLMDlzbrn23lfL1aDFNKAnpGb5nThxrunDUcJMT1OiobPpeob3nrSoQ
> lQ3DScUCN1AqrOspVkAOKlYZO925XKoxwvUXXGZBHLYSqO/yT9AdF+xBZxKAtHQbYNfRrKVDU0+Z
> Sa9PTTa4Ip3zaqSCjs1egS9Lab5PfxTGHrGyj7ByMhbMRZ5JNDyq8FT/2gCaF3gD6DDYvR//FhRh
> YlnJIZtleveKd2htKSE9NmT4GgRzye+wPfaMvisvzesiTJSV+2wfeG1Na5sZ2YXrAgMBAAGjggFm
> MIIBYjAcBgNVHREEFTATghF2eG4xLmRhdGF3aXJlLm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQE
> AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIw
> TDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0
> cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUwKwYD
> VR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcmwwVwYIKwYBBQUHAQEESzBJ
> MB8GCCsGAQUFBzABhhNodHRwOi8vc2Quc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Qu
> c3ltY2IuY29tL3NkLmNydA==
>
> -----Original Message-----
> From: Dean Coclin
> Sent: Thursday, September 29, 2016 11:53 AM
> To: CABFPub <public at cabforum.org>
> Cc: Halliday, Morgan <Morgan.Halliday at firstdata.com>; Sidoriak, Evan S
> <Evan.Sidoriak at firstdata.com>
> Subject: SHA-1 exception request
>
>
> In accordance with the SHA-1 Exception Request procedure, we hereby submit
> the attached request on behalf of our client.
>
> Attached please find the answers to the questions in Step 1 of the
> procedure.
>
> TBS certificates are being generated and will be submitted in a separate
> email within 24 hours.
>
>
>
>
> Dean Coclin
> Sr. Director Business Development
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
More information about the Public
mailing list