[cabfpub] SHA-1 exception request

Peter Bowen pzb at amzn.com
Fri Sep 30 05:10:48 UTC 2016


I ran all the tbsCertificates below against a collision detection tool that checks both MD5 and SHA1.  The results below show no issues.  Note that I included a control sample (the tbsResponseData from Andrew Ayer’s OCSP demo) as well, so the last item is known bad.

md5 df43ef300f427727f362c217684efb8f datawire.tbs
sha1 e1afbe73d5ffbc07457e3f81640b906c4e4c8049 datawire.tbs
md5 13f18c436d76ec1d6d80c0e78ee87588 efsnet.tbs
sha1 66b70c95e0bb94831ea9a1fa300779d82abde81e efsnet.tbs
md5 09a1e6e01a9fd6936508e799b5d9fb8e fdcnet.tbs
sha1 fe139beecf7ec7382fda1cd5ebc4ddcb4f3a8347 fdcnet.tbs
md5 3cd6c8857b9608e09bdc981ae22e7445 vnx1.datawire.tbs
sha1 e3a45e1d4d670c9ecf1710e95ab18aceb7466645 vnx1.datawire.tbs
md5 74f7f20fb1320edc85b16bcc62854743 vxn.datawire.tbs
sha1 0ea656d1eef1769d78d85780e239f965a4f80c32 vxn.datawire.tbs
Found collision in block 16:
   dm: dm11=00000002
   ihv1=5f7afdb3b761d7d53372601b5f23f079
   ihv2=5f7afdb3b761cfd13372581b5f23e879
md5 *coll* 3d2a07f2573d9d788893272c1a2995ff tests/agwa-ocsp.tbs
sha1 948786fed616071a1ea2cd2106e7351bd917f2c5 tests/agwa-ocsp.tbs


> On Sep 29, 2016, at 11:58 AM, Dean Coclin <Dean_Coclin at symantec.com> wrote:
> 
> TBS Certificates below. We ask that the community give good consideration to
> this request.
> 
> Dean Coclin
> Symantec
> 
> To reconstitute the TBSCertificate in binary DER form, use the Linux
> command:
> base64 --decode > tbs.der
> Then paste in a block of text from below, followed by an EOF (control-D).
> 
> ----------------------------------------
> 
> efsnet.concordebiz.com (based on
> https://crt.sh/?sha256=A6D37F8B062725E722FE2C5EC01C6E740C407D88FD09BAC6797E7
> E9FFA11D534, shown below)
> 
> -----BEGIN CERTIFICATE-----
> MIIFRzCCBC+gAwIBAgIQcKVZiDz4oTfeDd+D7mgNajANBgkqhkiG9w0BAQUFADCB
> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
> DTE0MTAyNzAwMDAwMFoXDTE2MTAyNzIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAw
> DgYDVQQIEwdHZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJz
> dCBEYXRhIENvcnBvcmF0aW9uMQ4wDAYDVQQLFAVOV0lDUzEfMB0GA1UEAxQWZWZz
> bmV0LmNvbmNvcmRlYml6LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
> ggEBAPopX3/CP3tpiAKQBApPqe+lzmYpDbnQaLYyC7MArS3K/S1BwbsSMyw5BsV3
> tsPohsXdDWT19GUvJZSCUjF4RiG7evB74AtzQedL/K8uluG/BAB8l+hceNgQSjyb
> JYhpr/F+qFPLYpfIcwJgoQ6Mt7gCWU4qwsUgBBT/OndbCw8vW9hctqzak5Qtz4Z+
> YJVEbIOE4L7MUYM7t96A1Bge7H7cygmlCZmGCIhMPGuVGwPDJOHcTzg6+6SpyLRB
> /wpCZj3pMDdkXsZTMu1JF/UT0hRS0Pj4mjhEF7/+FWZr/LnaubulLclnWuR62lPl
> ZBfKl9FVojPq/hh9GhttzdYq0PMCAwEAAaOCAXowggF2MCEGA1UdEQQaMBiCFmVm
> c25ldC5jb25jb3JkZWJpei5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAw
> KAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEwZQYDVR0g
> BF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1j
> Yi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBh
> MB8GA1UdIwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1MCsGA1UdHwQkMCIwIKAe
> oByGGmh0dHA6Ly9zZS5zeW1jYi5jb20vc2UuY3JsMFcGCCsGAQUFBwEBBEswSTAf
> BggrBgEFBQcwAYYTaHR0cDovL3NlLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0
> cDovL3NlLnN5bWNiLmNvbS9zZS5jcnQwDQYJKoZIhvcNAQEFBQADggEBAA0KIMJG
> eMtxtiDtAS9F6UZNhB5Lk97ZbK/QEuOsDeUdjbHqh2NbKtbWs0CEJI0wlVU9zkuI
> C0IOId0FnURdPz8WOvjwB1pZotniPVWZQ3lBbB+OrlO1WQzhMm26fOTz1o16Ohuu
> 5GNgjrBdy98fEW8Iklo2NZY8/PO6Hgy6NcfX0RfewbEN76yfc6ybl8OFh8rWsnFL
> JLLYnbe4etP4ZSu2e3lhNApQsNMINbP9/+A7qfYhJB3MrXsHUDfj22TC7NkFVU6O
> KbE09qqa50iUdNR/O+a76efWzx0F27nuxy1EBBDRyObtdnf2IFvJISH1PdLWNnmH
> aZRn54CARahmCqs=
> -----END CERTIFICATE-----
> 
> Parsed TBSCertificate:
>    0:d=0  hl=4 l=1071 cons: SEQUENCE          
>    4:d=1  hl=2 l=   3 cons: cont [ 0 ]        
>    6:d=2  hl=2 l=   1 prim: INTEGER           :02
>    9:d=1  hl=2 l=  16 prim: INTEGER
> :27438863D2DEF739D263E0D0F4C607E3
>   27:d=1  hl=2 l=  13 cons: SEQUENCE          
>   29:d=2  hl=2 l=   9 prim: OBJECT            :sha1WithRSAEncryption
>   40:d=2  hl=2 l=   0 prim: NULL              
>   42:d=1  hl=3 l= 188 cons: SEQUENCE          
>   45:d=2  hl=2 l=  11 cons: SET               
>   47:d=3  hl=2 l=   9 cons: SEQUENCE          
>   49:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>   54:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>   58:d=2  hl=2 l=  23 cons: SET               
>   60:d=3  hl=2 l=  21 cons: SEQUENCE          
>   62:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>   67:d=4  hl=2 l=  14 prim: PRINTABLESTRING   :VeriSign, Inc.
>   83:d=2  hl=2 l=  31 cons: SET               
>   85:d=3  hl=2 l=  29 cons: SEQUENCE          
>   87:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>   92:d=4  hl=2 l=  22 prim: PRINTABLESTRING   :VeriSign Trust Network
>  116:d=2  hl=2 l=  59 cons: SET               
>  118:d=3  hl=2 l=  57 cons: SEQUENCE          
>  120:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  125:d=4  hl=2 l=  50 prim: PRINTABLESTRING   :Terms of use at
> https://www.verisign.com/rpa (c)10
>  177:d=2  hl=2 l=  54 cons: SET               
>  179:d=3  hl=2 l=  52 cons: SEQUENCE          
>  181:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  186:d=4  hl=2 l=  45 prim: PRINTABLESTRING   :VeriSign Class 3
> International Server CA - G3
>  233:d=1  hl=2 l=  30 cons: SEQUENCE          
>  235:d=2  hl=2 l=  13 prim: UTCTIME           :161014000000Z
>  250:d=2  hl=2 l=  13 prim: UTCTIME           :170317235959Z
>  265:d=1  hl=3 l= 131 cons: SEQUENCE          
>  268:d=2  hl=2 l=  11 cons: SET               
>  270:d=3  hl=2 l=   9 cons: SEQUENCE          
>  272:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>  277:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>  281:d=2  hl=2 l=  16 cons: SET               
>  283:d=3  hl=2 l=  14 cons: SEQUENCE          
>  285:d=4  hl=2 l=   3 prim: OBJECT            :stateOrProvinceName
>  290:d=4  hl=2 l=   7 prim: PRINTABLESTRING   :Georgia
>  299:d=2  hl=2 l=  16 cons: SET               
>  301:d=3  hl=2 l=  14 cons: SEQUENCE          
>  303:d=4  hl=2 l=   3 prim: OBJECT            :localityName
>  308:d=4  hl=2 l=   7 prim: T61STRING         :Atlanta
>  317:d=2  hl=2 l=  31 cons: SET               
>  319:d=3  hl=2 l=  29 cons: SEQUENCE          
>  321:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>  326:d=4  hl=2 l=  22 prim: T61STRING         :First Data Corporation
>  350:d=2  hl=2 l=  14 cons: SET               
>  352:d=3  hl=2 l=  12 cons: SEQUENCE          
>  354:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  359:d=4  hl=2 l=   5 prim: T61STRING         :NWICS
>  366:d=2  hl=2 l=  31 cons: SET               
>  368:d=3  hl=2 l=  29 cons: SEQUENCE          
>  370:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  375:d=4  hl=2 l=  22 prim: T61STRING         :efsnet.concordebiz.com
>  399:d=1  hl=4 l= 290 cons: SEQUENCE          
>  403:d=2  hl=2 l=  13 cons: SEQUENCE          
>  405:d=3  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>  416:d=3  hl=2 l=   0 prim: NULL              
>  418:d=2  hl=4 l= 271 prim: BIT STRING        
>  693:d=1  hl=4 l= 378 cons: cont [ 3 ]        
>  697:d=2  hl=4 l= 374 cons: SEQUENCE          
>  701:d=3  hl=2 l=  33 cons: SEQUENCE          
>  703:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Alternative
> Name
>  708:d=4  hl=2 l=  26 prim: OCTET STRING      [HEX
> DUMP]:301882166566736E65742E636F6E636F72646562697A2E636F6D
>  736:d=3  hl=2 l=   9 cons: SEQUENCE          
>  738:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Basic Constraints
>  743:d=4  hl=2 l=   2 prim: OCTET STRING      [HEX DUMP]:3000
>  747:d=3  hl=2 l=  14 cons: SEQUENCE          
>  749:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Key Usage
>  754:d=4  hl=2 l=   1 prim: BOOLEAN           :255
>  757:d=4  hl=2 l=   4 prim: OCTET STRING      [HEX DUMP]:030205A0
>  763:d=3  hl=2 l=  40 cons: SEQUENCE          
>  765:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Extended Key Usage
>  770:d=4  hl=2 l=  33 prim: OCTET STRING      [HEX
> DUMP]:301F06082B0601050507030106082B0601050507030206096086480186F8420401
>  805:d=3  hl=2 l= 101 cons: SEQUENCE          
>  807:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Certificate Policies
>  812:d=4  hl=2 l=  94 prim: OCTET STRING      [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
>  908:d=3  hl=2 l=  31 cons: SEQUENCE          
>  910:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key
> Identifier
>  915:d=4  hl=2 l=  24 prim: OCTET STRING      [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>  941:d=3  hl=2 l=  43 cons: SEQUENCE          
>  943:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 CRL Distribution
> Points
>  948:d=4  hl=2 l=  36 prim: OCTET STRING      [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
>  986:d=3  hl=2 l=  87 cons: SEQUENCE          
>  988:d=4  hl=2 l=   8 prim: OBJECT            :Authority Information Access
>  998:d=4  hl=2 l=  75 prim: OCTET STRING      [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 
> Base64 TBSCertificate:
> MIIEL6ADAgECAhAnQ4hj0t73OdJj4ND0xgfjMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYxMDE0MDAwMDAwWhcNMTcwMzE3MjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEgQ29y
> cG9yYXRpb24xDjAMBgNVBAsUBU5XSUNTMR8wHQYDVQQDFBZlZnNuZXQuY29uY29yZGViaXouY29t
> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ilff8I/e2mIApAECk+p76XOZikNudBo
> tjILswCtLcr9LUHBuxIzLDkGxXe2w+iGxd0NZPX0ZS8llIJSMXhGIbt68HvgC3NB50v8ry6W4b8E
> AHyX6Fx42BBKPJsliGmv8X6oU8til8hzAmChDoy3uAJZTirCxSAEFP86d1sLDy9b2Fy2rNqTlC3P
> hn5glURsg4TgvsxRgzu33oDUGB7sftzKCaUJmYYIiEw8a5UbA8Mk4dxPODr7pKnItEH/CkJmPekw
> N2RexlMy7UkX9RPSFFLQ+PiaOEQXv/4VZmv8udq5u6UtyWda5HraU+VkF8qX0VWiM+r+GH0aG23N
> 1irQ8wIDAQABo4IBejCCAXYwIQYDVR0RBBowGIIWZWZzbmV0LmNvbmNvcmRlYml6LmNvbTAJBgNV
> HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCG
> SAGG+EIEATBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9k
> LnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYD
> VR0jBBgwFoAU15t82CKgFffdrV/OKZtYw7xGALUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3Nl
> LnN5bWNiLmNvbS9zZS5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Uu
> c3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNydA==
> 
> 
> -----------------------------------
> 
> prod.dw.us.fdcnet.biz (based on
> https://crt.sh/?sha256=1B7004DBDDF8F649948304CEA18B3919A668AEDB7B1BC45BAC8E9
> 0CD59913C4F, shown below)
> 
> -----BEGIN CERTIFICATE-----
> MIIFRTCCBC2gAwIBAgIQA9N1TT3RQCYREke2ZUyiMDANBgkqhkiG9w0BAQUFADCB
> vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
> VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
> DTE0MTAyNzAwMDAwMFoXDTE2MTAyNzIzNTk1OVowgYIxCzAJBgNVBAYTAlVTMRAw
> DgYDVQQIEwdHZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJz
> dCBEYXRhIENvcnBvcmF0aW9uMQ4wDAYDVQQLFAVOV0lDUzEeMBwGA1UEAxQVcHJv
> ZC5kdy51cy5mZGNuZXQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
> AQEA1kCMHpW82GAzU7/GaW1kThk+rvEkvU+jNc97f1SdaAgeTPr1P9Ktoec6qlun
> rHhWD8oc6ipgr5CzIu8XNSF/fOYVDcgN8GOop7HrNtggbf+THn/VkiX4DTLW5eCH
> hDKaegMrM2uMBquKHWPY/bk9vAPPCG4TUe6p06zICtmAfp3wDK+XcZrsFlWgtGEs
> ZZsEYeuvOvwG7tuORCNDKJhgRWM9Ga597tuHA5I3pRBPWJnkHamN5TNf5js3uAT9
> Sv8l2ZSjbeFZVzTse7JfjOWAu2jbAFq5oUPrOAQsjo5G81gueilr+nhrFqVxIFK9
> FJihSAoSTQoZvGi2XFNET8yRVwIDAQABo4IBeTCCAXUwIAYDVR0RBBkwF4IVcHJv
> ZC5kdy51cy5mZGNuZXQuYml6MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCgG
> A1UdJQQhMB8GCCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBMGUGA1UdIARe
> MFwwWgYKYIZIAYb4RQEHNjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2Iu
> Y29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAf
> BgNVHSMEGDAWgBTXm3zYIqAV992tX84pm1jDvEYAtTArBgNVHR8EJDAiMCCgHqAc
> hhpodHRwOi8vc2Uuc3ltY2IuY29tL3NlLmNybDBXBggrBgEFBQcBAQRLMEkwHwYI
> KwYBBQUHMAGGE2h0dHA6Ly9zZS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6
> Ly9zZS5zeW1jYi5jb20vc2UuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQAyFdPtk7kZ
> Q2MuQvVEYn+gTDcEuDAbuYrkWYQrBPxM12rPY2iavAK3coOCdyybxT0FZoguwbqt
> uyhPj62dUnUJrGJTrIIsoSggGLqps210mx3WF9/W4mFPfqY7mw0wCc2nDqtTJQkD
> y9J5cibHRJuqynqFmN3jOjQxyL5uc2YJbbzcdWX0JBV+Q01enplXKZ2Szxll8vn+
> /4TuIhYvaIj4NlutNrCgtPULe6TAeacMcMWJeMRgiaBBLdNWtf2POJ0k9yw7adx0
> cGIS4o7oaBeOdpk58581Fzn7CA4Hnj5RBd9M7zKEWeAkShHCzOEqTO5Tvs+lZUy2
> 80Z+cwAY5cWv
> -----END CERTIFICATE-----
> 
> Parsed TBSCertificate:
>    0:d=0  hl=4 l=1069 cons: SEQUENCE          
>    4:d=1  hl=2 l=   3 cons: cont [ 0 ]        
>    6:d=2  hl=2 l=   1 prim: INTEGER           :02
>    9:d=1  hl=2 l=  16 prim: INTEGER
> :20C24DFC0453E8B189F4A1E937299C84
>   27:d=1  hl=2 l=  13 cons: SEQUENCE          
>   29:d=2  hl=2 l=   9 prim: OBJECT            :sha1WithRSAEncryption
>   40:d=2  hl=2 l=   0 prim: NULL              
>   42:d=1  hl=3 l= 188 cons: SEQUENCE          
>   45:d=2  hl=2 l=  11 cons: SET               
>   47:d=3  hl=2 l=   9 cons: SEQUENCE          
>   49:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>   54:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>   58:d=2  hl=2 l=  23 cons: SET               
>   60:d=3  hl=2 l=  21 cons: SEQUENCE          
>   62:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>   67:d=4  hl=2 l=  14 prim: PRINTABLESTRING   :VeriSign, Inc.
>   83:d=2  hl=2 l=  31 cons: SET               
>   85:d=3  hl=2 l=  29 cons: SEQUENCE          
>   87:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>   92:d=4  hl=2 l=  22 prim: PRINTABLESTRING   :VeriSign Trust Network
>  116:d=2  hl=2 l=  59 cons: SET               
>  118:d=3  hl=2 l=  57 cons: SEQUENCE          
>  120:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  125:d=4  hl=2 l=  50 prim: PRINTABLESTRING   :Terms of use at
> https://www.verisign.com/rpa (c)10
>  177:d=2  hl=2 l=  54 cons: SET               
>  179:d=3  hl=2 l=  52 cons: SEQUENCE          
>  181:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  186:d=4  hl=2 l=  45 prim: PRINTABLESTRING   :VeriSign Class 3
> International Server CA - G3
>  233:d=1  hl=2 l=  30 cons: SEQUENCE          
>  235:d=2  hl=2 l=  13 prim: UTCTIME           :161014000000Z
>  250:d=2  hl=2 l=  13 prim: UTCTIME           :170317235959Z
>  265:d=1  hl=3 l= 130 cons: SEQUENCE          
>  268:d=2  hl=2 l=  11 cons: SET               
>  270:d=3  hl=2 l=   9 cons: SEQUENCE          
>  272:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>  277:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>  281:d=2  hl=2 l=  16 cons: SET               
>  283:d=3  hl=2 l=  14 cons: SEQUENCE          
>  285:d=4  hl=2 l=   3 prim: OBJECT            :stateOrProvinceName
>  290:d=4  hl=2 l=   7 prim: PRINTABLESTRING   :Georgia
>  299:d=2  hl=2 l=  16 cons: SET               
>  301:d=3  hl=2 l=  14 cons: SEQUENCE          
>  303:d=4  hl=2 l=   3 prim: OBJECT            :localityName
>  308:d=4  hl=2 l=   7 prim: T61STRING         :Atlanta
>  317:d=2  hl=2 l=  31 cons: SET               
>  319:d=3  hl=2 l=  29 cons: SEQUENCE          
>  321:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>  326:d=4  hl=2 l=  22 prim: T61STRING         :First Data Corporation
>  350:d=2  hl=2 l=  14 cons: SET               
>  352:d=3  hl=2 l=  12 cons: SEQUENCE          
>  354:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  359:d=4  hl=2 l=   5 prim: T61STRING         :NWICS
>  366:d=2  hl=2 l=  30 cons: SET               
>  368:d=3  hl=2 l=  28 cons: SEQUENCE          
>  370:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  375:d=4  hl=2 l=  21 prim: T61STRING         :prod.dw.us.fdcnet.biz
>  398:d=1  hl=4 l= 290 cons: SEQUENCE          
>  402:d=2  hl=2 l=  13 cons: SEQUENCE          
>  404:d=3  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>  415:d=3  hl=2 l=   0 prim: NULL              
>  417:d=2  hl=4 l= 271 prim: BIT STRING        
>  692:d=1  hl=4 l= 377 cons: cont [ 3 ]        
>  696:d=2  hl=4 l= 373 cons: SEQUENCE          
>  700:d=3  hl=2 l=  32 cons: SEQUENCE          
>  702:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Alternative
> Name
>  707:d=4  hl=2 l=  25 prim: OCTET STRING      [HEX
> DUMP]:3017821570726F642E64772E75732E6664636E65742E62697A
>  734:d=3  hl=2 l=   9 cons: SEQUENCE          
>  736:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Basic Constraints
>  741:d=4  hl=2 l=   2 prim: OCTET STRING      [HEX DUMP]:3000
>  745:d=3  hl=2 l=  14 cons: SEQUENCE          
>  747:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Key Usage
>  752:d=4  hl=2 l=   1 prim: BOOLEAN           :255
>  755:d=4  hl=2 l=   4 prim: OCTET STRING      [HEX DUMP]:030205A0
>  761:d=3  hl=2 l=  40 cons: SEQUENCE          
>  763:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Extended Key Usage
>  768:d=4  hl=2 l=  33 prim: OCTET STRING      [HEX
> DUMP]:301F06082B0601050507030106082B0601050507030206096086480186F8420401
>  803:d=3  hl=2 l= 101 cons: SEQUENCE          
>  805:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Certificate Policies
>  810:d=4  hl=2 l=  94 prim: OCTET STRING      [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
>  906:d=3  hl=2 l=  31 cons: SEQUENCE          
>  908:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key
> Identifier
>  913:d=4  hl=2 l=  24 prim: OCTET STRING      [HEX
> DUMP]:30168014D79B7CD822A015F7DDAD5FCE299B58C3BC4600B5
>  939:d=3  hl=2 l=  43 cons: SEQUENCE          
>  941:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 CRL Distribution
> Points
>  946:d=4  hl=2 l=  36 prim: OCTET STRING      [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73652E73796D63622E636F6D2F73652E6372
> 6C
>  984:d=3  hl=2 l=  87 cons: SEQUENCE          
>  986:d=4  hl=2 l=   8 prim: OBJECT            :Authority Information Access
>  996:d=4  hl=2 l=  75 prim: OCTET STRING      [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73652E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73652E73796D63622E636F6D2F73652E63
> 7274
> 
> Base64 TBSCertificate:
> MIIELaADAgECAhAgwk38BFPosYn0oek3KZyEMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENB
> IC0gRzMwHhcNMTYxMDE0MDAwMDAwWhcNMTcwMzE3MjM1OTU5WjCBgjELMAkGA1UEBhMCVVMxEDAO
> BgNVBAgTB0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEgQ29y
> cG9yYXRpb24xDjAMBgNVBAsUBU5XSUNTMR4wHAYDVQQDFBVwcm9kLmR3LnVzLmZkY25ldC5iaXow
> ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWQIwelbzYYDNTv8ZpbWROGT6u8SS9T6M1
> z3t/VJ1oCB5M+vU/0q2h5zqqW6eseFYPyhzqKmCvkLMi7xc1IX985hUNyA3wY6inses22CBt/5Me
> f9WSJfgNMtbl4IeEMpp6Aysza4wGq4odY9j9uT28A88IbhNR7qnTrMgK2YB+nfAMr5dxmuwWVaC0
> YSxlmwRh6686/Abu245EI0MomGBFYz0Zrn3u24cDkjelEE9YmeQdqY3lM1/mOze4BP1K/yXZlKNt
> 4VlXNOx7sl+M5YC7aNsAWrmhQ+s4BCyOjkbzWC56KWv6eGsWpXEgUr0UmKFIChJNChm8aLZcU0RP
> zJFXAgMBAAGjggF5MIIBdTAgBgNVHREEGTAXghVwcm9kLmR3LnVzLmZkY25ldC5iaXowCQYDVR0T
> BAIwADAOBgNVHQ8BAf8EBAMCBaAwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgB
> hvhCBAEwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5z
> eW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1Ud
> IwQYMBaAFNebfNgioBX33a1fzimbWMO8RgC1MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZS5z
> eW1jYi5jb20vc2UuY3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NlLnN5
> bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NlLnN5bWNiLmNvbS9zZS5jcnQ=
> 
> 
> --------------------------------------------
> 
> support.datawire.net (based on
> https://crt.sh/?sha256=4dec1059061a0a30a99bc8410162ec2bfa5f84a03ed1388841569
> 4ab182c1fb5, shown below)
> 
> -----BEGIN CERTIFICATE-----
> MIIFNDCCBBygAwIBAgIQIX0er30siBqy4r46XFhn1jANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQxMDI5
> MDAwMDAwWhcNMTYxMDI5MjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
> B0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEg
> Q29ycG9yYXRpb24xETAPBgNVBAsUCERhdGF3aXJlMR0wGwYDVQQDFBRzdXBwb3J0
> LmRhdGF3aXJlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANc4
> +MVG/beelCw0hKtSYx17rM5aHxPmzjcKBMgEOEJjoJ8fNVa+ja18J9SvbFio0r49
> BjlKtCBdBjfghhtD9oimOkDLonVi/Bg+kLKci23xn1kkFFDwkLLadmpYT+Kliq03
> W28cY/ztB+kXFmnsbZ/umpPKA5ffbUKjKLchpMv+d/tZB2WWvQn5JXwVbFayMt5X
> eQpaP5NhGkjHEFlEblDBUXJpsrsj18/IsdICzyg1+GPt7SWwQI0BF/N5L+dYNHJ9
> 7sLHJ6/hj1ecS+q8NjwM1YcsEHoiYFdC22KMMQGfLQi5T9sxeM+FWkerL49tgiii
> eb4xqW2O3gEFy9Z4AV0CAwEAAaOCAW0wggFpMB8GA1UdEQQYMBaCFHN1cHBvcnQu
> ZGF0YXdpcmUubmV0MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
> MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBlBgNVHSAEXjBcMFoGCmCGSAGG+EUBBzYw
> TDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUH
> AgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNE
> wYJ+HSCrJfQBY9i+eaUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNi
> LmNvbS9zZC5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8v
> c2Quc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3Nk
> LmNydDANBgkqhkiG9w0BAQUFAAOCAQEAZhkiyE6cHiH/TRYN8pKrpxOGSmep6/2R
> WUtjvlGhOnWMWU1Nktk/rJghTGOjKtW/KDqsuucHHquld9N+NUxdcvQY/xjd/MoS
> BPsJjoK1ATwEUlOAmHNcFahrM+bZJYwO1pTdn3dRcnZU/N1v3ioMmcGxqKEcC83P
> wxusfTgJca0X/TvMilT69y/2tw37RhUywYAosOyVJaIWV6t0ckHqRY3fN5wRJUf4
> 3Nw2g6cj5I1381Yh/XCQEehnGY8dsSXmgNOudI+PdwmyqmJLDD31XDDhVpxsxLaF
> 6ffj0ylMV+ocIogA46VeDCkOaNpCjz6G/L0Qv1/gI2IF8ZyMNvoMYA==
> -----END CERTIFICATE-----
> 
> Parsed TBSCertificate:
>    0:d=0  hl=4 l=1052 cons: SEQUENCE          
>    4:d=1  hl=2 l=   3 cons: cont [ 0 ]        
>    6:d=2  hl=2 l=   1 prim: INTEGER           :02
>    9:d=1  hl=2 l=  16 prim: INTEGER
> :23754E9A4A58BDD3C160079CB8FBDC58
>   27:d=1  hl=2 l=  13 cons: SEQUENCE          
>   29:d=2  hl=2 l=   9 prim: OBJECT            :sha1WithRSAEncryption
>   40:d=2  hl=2 l=   0 prim: NULL              
>   42:d=1  hl=3 l= 181 cons: SEQUENCE          
>   45:d=2  hl=2 l=  11 cons: SET               
>   47:d=3  hl=2 l=   9 cons: SEQUENCE          
>   49:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>   54:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>   58:d=2  hl=2 l=  23 cons: SET               
>   60:d=3  hl=2 l=  21 cons: SEQUENCE          
>   62:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>   67:d=4  hl=2 l=  14 prim: PRINTABLESTRING   :VeriSign, Inc.
>   83:d=2  hl=2 l=  31 cons: SET               
>   85:d=3  hl=2 l=  29 cons: SEQUENCE          
>   87:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>   92:d=4  hl=2 l=  22 prim: PRINTABLESTRING   :VeriSign Trust Network
>  116:d=2  hl=2 l=  59 cons: SET               
>  118:d=3  hl=2 l=  57 cons: SEQUENCE          
>  120:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  125:d=4  hl=2 l=  50 prim: PRINTABLESTRING   :Terms of use at
> https://www.verisign.com/rpa (c)10
>  177:d=2  hl=2 l=  47 cons: SET               
>  179:d=3  hl=2 l=  45 cons: SEQUENCE          
>  181:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  186:d=4  hl=2 l=  38 prim: PRINTABLESTRING   :VeriSign Class 3 Secure
> Server CA - G3
>  226:d=1  hl=2 l=  30 cons: SEQUENCE          
>  228:d=2  hl=2 l=  13 prim: UTCTIME           :161014000000Z
>  243:d=2  hl=2 l=  13 prim: UTCTIME           :170317235959Z
>  258:d=1  hl=3 l= 132 cons: SEQUENCE          
>  261:d=2  hl=2 l=  11 cons: SET               
>  263:d=3  hl=2 l=   9 cons: SEQUENCE          
>  265:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>  270:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>  274:d=2  hl=2 l=  16 cons: SET               
>  276:d=3  hl=2 l=  14 cons: SEQUENCE          
>  278:d=4  hl=2 l=   3 prim: OBJECT            :stateOrProvinceName
>  283:d=4  hl=2 l=   7 prim: PRINTABLESTRING   :Georgia
>  292:d=2  hl=2 l=  16 cons: SET               
>  294:d=3  hl=2 l=  14 cons: SEQUENCE          
>  296:d=4  hl=2 l=   3 prim: OBJECT            :localityName
>  301:d=4  hl=2 l=   7 prim: T61STRING         :Atlanta
>  310:d=2  hl=2 l=  31 cons: SET               
>  312:d=3  hl=2 l=  29 cons: SEQUENCE          
>  314:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>  319:d=4  hl=2 l=  22 prim: T61STRING         :First Data Corporation
>  343:d=2  hl=2 l=  17 cons: SET               
>  345:d=3  hl=2 l=  15 cons: SEQUENCE          
>  347:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  352:d=4  hl=2 l=   8 prim: T61STRING         :Datawire
>  362:d=2  hl=2 l=  29 cons: SET               
>  364:d=3  hl=2 l=  27 cons: SEQUENCE          
>  366:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  371:d=4  hl=2 l=  20 prim: T61STRING         :support.datawire.net
>  393:d=1  hl=4 l= 290 cons: SEQUENCE          
>  397:d=2  hl=2 l=  13 cons: SEQUENCE          
>  399:d=3  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>  410:d=3  hl=2 l=   0 prim: NULL              
>  412:d=2  hl=4 l= 271 prim: BIT STRING        
>  687:d=1  hl=4 l= 365 cons: cont [ 3 ]        
>  691:d=2  hl=4 l= 361 cons: SEQUENCE          
>  695:d=3  hl=2 l=  31 cons: SEQUENCE          
>  697:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Alternative
> Name
>  702:d=4  hl=2 l=  24 prim: OCTET STRING      [HEX
> DUMP]:30168214737570706F72742E64617461776972652E6E6574
>  728:d=3  hl=2 l=   9 cons: SEQUENCE          
>  730:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Basic Constraints
>  735:d=4  hl=2 l=   2 prim: OCTET STRING      [HEX DUMP]:3000
>  739:d=3  hl=2 l=  14 cons: SEQUENCE          
>  741:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Key Usage
>  746:d=4  hl=2 l=   1 prim: BOOLEAN           :255
>  749:d=4  hl=2 l=   4 prim: OCTET STRING      [HEX DUMP]:030205A0
>  755:d=3  hl=2 l=  29 cons: SEQUENCE          
>  757:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Extended Key Usage
>  762:d=4  hl=2 l=  22 prim: OCTET STRING      [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
>  786:d=3  hl=2 l= 101 cons: SEQUENCE          
>  788:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Certificate Policies
>  793:d=4  hl=2 l=  94 prim: OCTET STRING      [HEX
> DUMP]:305C305A060A6086480186F845010736304C302306082B060105050702011617687474
> 70733A2F2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A176874
> 7470733A2F2F642E73796D63622E636F6D2F727061
>  889:d=3  hl=2 l=  31 cons: SEQUENCE          
>  891:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key
> Identifier
>  896:d=4  hl=2 l=  24 prim: OCTET STRING      [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
>  922:d=3  hl=2 l=  43 cons: SEQUENCE          
>  924:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 CRL Distribution
> Points
>  929:d=4  hl=2 l=  36 prim: OCTET STRING      [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
>  967:d=3  hl=2 l=  87 cons: SEQUENCE          
>  969:d=4  hl=2 l=   8 prim: OBJECT            :Authority Information Access
>  979:d=4  hl=2 l=  75 prim: OCTET STRING      [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
> 
> Base64 TBSCertificate:
> MIIEHKADAgECAhAjdU6aSli908FgB5y4+9xYMA0GCSqGSIb3DQEBBQUAMIG1MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAe
> Fw0xNjEwMTQwMDAwMDBaFw0xNzAzMTcyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBDb3Jwb3JhdGlv
> bjERMA8GA1UECxQIRGF0YXdpcmUxHTAbBgNVBAMUFHN1cHBvcnQuZGF0YXdpcmUubmV0MIIBIjAN
> BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zj4xUb9t56ULDSEq1JjHXuszlofE+bONwoEyAQ4
> QmOgnx81Vr6NrXwn1K9sWKjSvj0GOUq0IF0GN+CGG0P2iKY6QMuidWL8GD6QspyLbfGfWSQUUPCQ
> stp2alhP4qWKrTdbbxxj/O0H6RcWaextn+6ak8oDl99tQqMotyGky/53+1kHZZa9CfklfBVsVrIy
> 3ld5Clo/k2EaSMcQWURuUMFRcmmyuyPXz8ix0gLPKDX4Y+3tJbBAjQEX83kv51g0cn3uwscnr+GP
> V5xL6rw2PAzVhywQeiJgV0LbYowxAZ8tCLlP2zF4z4VaR6svj22CKKJ5vjGpbY7eAQXL1ngBXQID
> AQABo4IBbTCCAWkwHwYDVR0RBBgwFoIUc3VwcG9ydC5kYXRhd2lyZS5uZXQwCQYDVR0TBAIwADAO
> BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGUGA1UdIAReMFww
> WgYKYIZIAYb4RQEHNjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggr
> BgEFBQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQNRFwWU0TBgn4d
> IKsl9AFj2L55pTArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNybDBX
> BggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZC5zeW1jZC5jb20wJgYIKwYBBQUH
> MAKGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3J0
> 
> 
> ----------------------------------------------
> 
> vxn.datawire.net (based on
> https://crt.sh/?sha256=BD41104E071B4B8EE67395FC916C333FE05B06737D6E50B4E4673
> C3A76CA2110, shown below)
> 
> -----BEGIN CERTIFICATE-----
> MIIFKDCCBBCgAwIBAgIQcU8GvyL+RFnjJEvuiTDsUzANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTUxMTIw
> MDAwMDAwWhcNMTYxMTIwMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
> B0dlb3JnaWExEDAOBgNVBAcUB0F0bGFudGExHzAdBgNVBAoUFkZpcnN0IERhdGEg
> Q29ycG9yYXRpb24xETAPBgNVBAsUCERhdGF3aXJlMRkwFwYDVQQDFBB2eG4uZGF0
> YXdpcmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDba7upf
> JEgF7+P2H/KdNsKrsQ7qHv8XAPjOQVoiedCoPmjz2ITA/VZR3+aOxf6GwhMkXSR5
> w6I9MquJHT5Nj4O9WeAkpWLo86SVPSRWqMRWKv1XbOZOSpZCAgn7piUqzjixILWh
> NRJacpJr/sjDS5AmV8t8ckStlsghiAWR8UXMXto8k8G9afZT0BNZKZtMub6fDIbu
> gPifVmm6gK76RnAFVwXGG5NunXTj9MQwp7EYtu0+5x4Ryb5XB5moOnZQE+bCNMlP
> 1umpbgKNzZxeEqLZgRz3TbOBpehuYplb2M6axjd8vQlfsXJqEYgWUlWVH+d3VaUU
> nEr3QkAMtqOhuQIDAQABo4IBZTCCAWEwGwYDVR0RBBQwEoIQdnhuLmRhdGF3aXJl
> Lm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
> BQcDAQYIKwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcC
> ARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6
> Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+
> eaUwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcmww
> VwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc2Quc3ltY2QuY29t
> MCYGCCsGAQUFBzAChhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNydDANBgkqhkiG
> 9w0BAQUFAAOCAQEAh8kZ9DvUDx/HMH2D69a6HxRcEf+OOLHrGmrCLS1Trp3UI3ci
> x38ohV4HRfkmV+cg/1mctCSSfOaecre9NJvXYLSbrwWg90tT7fZlkG/VH+50VVmV
> yUPVyUdhAg87E01FcqeW8gV1GRNlZ5S/y9Vi1C9+yIPpzFEUuwxbqZaLbeElvYJg
> ydtjZwLT7UwlERhZLzxAFB4uU9G9Ghi2qgkvKPAFZhdk3MXD79iWi9YUYOUDQA3+
> 6ikPcUMn4KCxJvNSURTBVQuz0qGQw1pp2ON9GIiSxw24ha6L3BbZMJrKRKPTOjy8
> YasYiS4hpUDvlwl5MMlOCuCE8/gnPvju9UHALg==
> -----END CERTIFICATE-----
> 
> Parsed TBSCertificate:
>    0:d=0  hl=4 l=1040 cons: SEQUENCE          
>    4:d=1  hl=2 l=   3 cons: cont [ 0 ]        
>    6:d=2  hl=2 l=   1 prim: INTEGER           :02
>    9:d=1  hl=2 l=  16 prim: INTEGER
> :6BFAA1E1CF6B3068033D10AB7AE42DDE
>   27:d=1  hl=2 l=  13 cons: SEQUENCE          
>   29:d=2  hl=2 l=   9 prim: OBJECT            :sha1WithRSAEncryption
>   40:d=2  hl=2 l=   0 prim: NULL              
>   42:d=1  hl=3 l= 181 cons: SEQUENCE          
>   45:d=2  hl=2 l=  11 cons: SET               
>   47:d=3  hl=2 l=   9 cons: SEQUENCE          
>   49:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>   54:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>   58:d=2  hl=2 l=  23 cons: SET               
>   60:d=3  hl=2 l=  21 cons: SEQUENCE          
>   62:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>   67:d=4  hl=2 l=  14 prim: PRINTABLESTRING   :VeriSign, Inc.
>   83:d=2  hl=2 l=  31 cons: SET               
>   85:d=3  hl=2 l=  29 cons: SEQUENCE          
>   87:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>   92:d=4  hl=2 l=  22 prim: PRINTABLESTRING   :VeriSign Trust Network
>  116:d=2  hl=2 l=  59 cons: SET               
>  118:d=3  hl=2 l=  57 cons: SEQUENCE          
>  120:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  125:d=4  hl=2 l=  50 prim: PRINTABLESTRING   :Terms of use at
> https://www.verisign.com/rpa (c)10
>  177:d=2  hl=2 l=  47 cons: SET               
>  179:d=3  hl=2 l=  45 cons: SEQUENCE          
>  181:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  186:d=4  hl=2 l=  38 prim: PRINTABLESTRING   :VeriSign Class 3 Secure
> Server CA - G3
>  226:d=1  hl=2 l=  30 cons: SEQUENCE          
>  228:d=2  hl=2 l=  13 prim: UTCTIME           :161014000000Z
>  243:d=2  hl=2 l=  13 prim: UTCTIME           :170317235959Z
>  258:d=1  hl=3 l= 128 cons: SEQUENCE          
>  261:d=2  hl=2 l=  11 cons: SET               
>  263:d=3  hl=2 l=   9 cons: SEQUENCE          
>  265:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>  270:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>  274:d=2  hl=2 l=  16 cons: SET               
>  276:d=3  hl=2 l=  14 cons: SEQUENCE          
>  278:d=4  hl=2 l=   3 prim: OBJECT            :stateOrProvinceName
>  283:d=4  hl=2 l=   7 prim: PRINTABLESTRING   :Georgia
>  292:d=2  hl=2 l=  16 cons: SET               
>  294:d=3  hl=2 l=  14 cons: SEQUENCE          
>  296:d=4  hl=2 l=   3 prim: OBJECT            :localityName
>  301:d=4  hl=2 l=   7 prim: T61STRING         :Atlanta
>  310:d=2  hl=2 l=  31 cons: SET               
>  312:d=3  hl=2 l=  29 cons: SEQUENCE          
>  314:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>  319:d=4  hl=2 l=  22 prim: T61STRING         :First Data Corporation
>  343:d=2  hl=2 l=  17 cons: SET               
>  345:d=3  hl=2 l=  15 cons: SEQUENCE          
>  347:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  352:d=4  hl=2 l=   8 prim: T61STRING         :Datawire
>  362:d=2  hl=2 l=  25 cons: SET               
>  364:d=3  hl=2 l=  23 cons: SEQUENCE          
>  366:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  371:d=4  hl=2 l=  16 prim: T61STRING         :vxn.datawire.net
>  389:d=1  hl=4 l= 290 cons: SEQUENCE          
>  393:d=2  hl=2 l=  13 cons: SEQUENCE          
>  395:d=3  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>  406:d=3  hl=2 l=   0 prim: NULL              
>  408:d=2  hl=4 l= 271 prim: BIT STRING        
>  683:d=1  hl=4 l= 357 cons: cont [ 3 ]        
>  687:d=2  hl=4 l= 353 cons: SEQUENCE          
>  691:d=3  hl=2 l=  27 cons: SEQUENCE          
>  693:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Alternative
> Name
>  698:d=4  hl=2 l=  20 prim: OCTET STRING      [HEX
> DUMP]:3012821076786E2E64617461776972652E6E6574
>  720:d=3  hl=2 l=   9 cons: SEQUENCE          
>  722:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Basic Constraints
>  727:d=4  hl=2 l=   2 prim: OCTET STRING      [HEX DUMP]:3000
>  731:d=3  hl=2 l=  14 cons: SEQUENCE          
>  733:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Key Usage
>  738:d=4  hl=2 l=   1 prim: BOOLEAN           :255
>  741:d=4  hl=2 l=   4 prim: OCTET STRING      [HEX DUMP]:030205A0
>  747:d=3  hl=2 l=  29 cons: SEQUENCE          
>  749:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Extended Key Usage
>  754:d=4  hl=2 l=  22 prim: OCTET STRING      [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
>  778:d=3  hl=2 l=  97 cons: SEQUENCE          
>  780:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Certificate Policies
>  785:d=4  hl=2 l=  90 prim: OCTET STRING      [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
>  877:d=3  hl=2 l=  31 cons: SEQUENCE          
>  879:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key
> Identifier
>  884:d=4  hl=2 l=  24 prim: OCTET STRING      [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
>  910:d=3  hl=2 l=  43 cons: SEQUENCE          
>  912:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 CRL Distribution
> Points
>  917:d=4  hl=2 l=  36 prim: OCTET STRING      [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
>  955:d=3  hl=2 l=  87 cons: SEQUENCE          
>  957:d=4  hl=2 l=   8 prim: OBJECT            :Authority Information Access
>  967:d=4  hl=2 l=  75 prim: OCTET STRING      [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
> 
> Base64 TBSCertificate:
> MIIEEKADAgECAhBr+qHhz2swaAM9EKt65C3eMA0GCSqGSIb3DQEBBQUAMIG1MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAe
> Fw0xNjEwMTQwMDAwMDBaFw0xNzAzMTcyMzU5NTlaMIGAMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBDb3Jwb3JhdGlv
> bjERMA8GA1UECxQIRGF0YXdpcmUxGTAXBgNVBAMUEHZ4bi5kYXRhd2lyZS5uZXQwggEiMA0GCSqG
> SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNtru6l8kSAXv4/Yf8p02wquxDuoe/xcA+M5BWiJ50Kg+
> aPPYhMD9VlHf5o7F/obCEyRdJHnDoj0yq4kdPk2Pg71Z4CSlYujzpJU9JFaoxFYq/Vds5k5KlkIC
> CfumJSrOOLEgtaE1Elpykmv+yMNLkCZXy3xyRK2WyCGIBZHxRcxe2jyTwb1p9lPQE1kpm0y5vp8M
> hu6A+J9WabqArvpGcAVXBcYbk26ddOP0xDCnsRi27T7nHhHJvlcHmag6dlAT5sI0yU/W6aluAo3N
> nF4SotmBHPdNs4Gl6G5imVvYzprGN3y9CV+xcmoRiBZSVZUf53dVpRScSvdCQAy2o6G5AgMBAAGj
> ggFlMIIBYTAbBgNVHREEFDASghB2eG4uZGF0YXdpcmUubmV0MAkGA1UdEwQCMAAwDgYDVR0PAQH/
> BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBhBgNVHSAEWjBYMFYGBmeBDAEC
> AjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZGhdo
> dHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTAr
> BgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc2Quc3ltY2IuY29tL3NkLmNybDBXBggrBgEFBQcBAQRL
> MEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zZC5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9z
> ZC5zeW1jYi5jb20vc2QuY3J0
> 
> 
> --------------------------------------------
> 
> vxn1.datawire.net (based on https://crt.sh/?sha256=
> f9836701e490be00496f758827cb7cd7c3e6ccf3bd019e70b984344b7bee30ba, shown
> below)
> 
> -----BEGIN CERTIFICATE-----
> MIIFJjCCBA6gAwIBAgIQF7J0vivjXvfrlJdtps1vxTANBgkqhkiG9w0BAQUFADCB
> tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
> ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
> YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
> VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTUxMTIw
> MDAwMDAwWhcNMTYxMTIwMjM1OTU5WjB+MQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
> R2VvcmdpYTEQMA4GA1UEBxQHQXRsYW50YTEfMB0GA1UEChQWRmlyc3QgRGF0YSBD
> b3Jwb3JhdGlvbjEOMAwGA1UECxQFRFdPUFMxGjAYBgNVBAMUEXZ4bjEuZGF0YXdp
> cmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrY4LUYBjezk
> AryX0ArxEy2XIelxc6IINIGYjZVQ5Ahrmk7HNNkfcEHtTyKwa+7QIn22EQ2izA5c
> 2659t5Xy9WgxTSgJ6Rm+Z04ca7pw1HCTE9ToqGz6XqG9560qEJUNw0nFAjdQKqzr
> KVZADipWGTvduVyqMcL1F1xmQRy2Eqjv8k/QHRfsQWcSgLR0G2DX0aylQ1NPmUmv
> T002uCKd82qkgo7NXoEvS2m+T38Uxh6xso+wcjIWzEWeSTQ8qvBU/9oAmhd4A+gw
> 2L0f/xYUYWJZySGbZXr3indobSkhPTZk+BoEc8nvsD32jL4rL83rIkyUlftsH3ht
> TWubGdmF6wIDAQABo4IBZjCCAWIwHAYDVR0RBBUwE4IRdnhuMS5kYXRhd2lyZS5u
> ZXQwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
> AwEGCCsGAQUFBwMCMGEGA1UdIARaMFgwVgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEW
> F2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8v
> ZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFA1EXBZTRMGCfh0gqyX0AWPYvnml
> MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3JsMFcG
> CCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NkLnN5bWNkLmNvbTAm
> BggrBgEFBQcwAoYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcnQwDQYJKoZIhvcN
> AQEFBQADggEBAHpQ1jDkQ32iqdxwsUoFANDF/2ALcwjhkzRKvmbWWHaKBprJAyDL
> sQYR56MBs/oCcT9ALPmcfVzVj3m+hMNTb61i8n9m9Q8sR+43/UkmZElvQ1JzkaGx
> YHf9sfWXzNOUcjO0d+VXfuRY/otPxAIUV48LCYgY7joe8XAQvCL2XR8t7Qnn8DwG
> wCzGnCkCgDBxBVHC6XCKBsaSsuAhED5XG7Lm0MVIPHS6fkC1SGtW29mX+FaiKLop
> RJCGK5BiMOcPeQYIHlh1W809xFAKH/dRJeehpIM7cJZPSxxtiArbqjSn6rMfOE5Z
> 8pTlvBq6Zj1F/U2lIIi21LQKEtlEoBXR5YY=
> -----END CERTIFICATE-----
> 
> Parsed TBSCertificate:
>    0:d=0  hl=4 l=1038 cons: SEQUENCE          
>    4:d=1  hl=2 l=   3 cons: cont [ 0 ]        
>    6:d=2  hl=2 l=   1 prim: INTEGER           :02
>    9:d=1  hl=2 l=  16 prim: INTEGER
> :24249CCA94D660E50363FF7F47DC7107
>   27:d=1  hl=2 l=  13 cons: SEQUENCE          
>   29:d=2  hl=2 l=   9 prim: OBJECT            :sha1WithRSAEncryption
>   40:d=2  hl=2 l=   0 prim: NULL              
>   42:d=1  hl=3 l= 181 cons: SEQUENCE          
>   45:d=2  hl=2 l=  11 cons: SET               
>   47:d=3  hl=2 l=   9 cons: SEQUENCE          
>   49:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>   54:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>   58:d=2  hl=2 l=  23 cons: SET               
>   60:d=3  hl=2 l=  21 cons: SEQUENCE          
>   62:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>   67:d=4  hl=2 l=  14 prim: PRINTABLESTRING   :VeriSign, Inc.
>   83:d=2  hl=2 l=  31 cons: SET               
>   85:d=3  hl=2 l=  29 cons: SEQUENCE          
>   87:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>   92:d=4  hl=2 l=  22 prim: PRINTABLESTRING   :VeriSign Trust Network
>  116:d=2  hl=2 l=  59 cons: SET               
>  118:d=3  hl=2 l=  57 cons: SEQUENCE          
>  120:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  125:d=4  hl=2 l=  50 prim: PRINTABLESTRING   :Terms of use at
> https://www.verisign.com/rpa (c)10
>  177:d=2  hl=2 l=  47 cons: SET               
>  179:d=3  hl=2 l=  45 cons: SEQUENCE          
>  181:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  186:d=4  hl=2 l=  38 prim: PRINTABLESTRING   :VeriSign Class 3 Secure
> Server CA - G3
>  226:d=1  hl=2 l=  30 cons: SEQUENCE          
>  228:d=2  hl=2 l=  13 prim: UTCTIME           :161014000000Z
>  243:d=2  hl=2 l=  13 prim: UTCTIME           :170317235959Z
>  258:d=1  hl=2 l= 126 cons: SEQUENCE          
>  260:d=2  hl=2 l=  11 cons: SET               
>  262:d=3  hl=2 l=   9 cons: SEQUENCE          
>  264:d=4  hl=2 l=   3 prim: OBJECT            :countryName
>  269:d=4  hl=2 l=   2 prim: PRINTABLESTRING   :US
>  273:d=2  hl=2 l=  16 cons: SET               
>  275:d=3  hl=2 l=  14 cons: SEQUENCE          
>  277:d=4  hl=2 l=   3 prim: OBJECT            :stateOrProvinceName
>  282:d=4  hl=2 l=   7 prim: PRINTABLESTRING   :Georgia
>  291:d=2  hl=2 l=  16 cons: SET               
>  293:d=3  hl=2 l=  14 cons: SEQUENCE          
>  295:d=4  hl=2 l=   3 prim: OBJECT            :localityName
>  300:d=4  hl=2 l=   7 prim: T61STRING         :Atlanta
>  309:d=2  hl=2 l=  31 cons: SET               
>  311:d=3  hl=2 l=  29 cons: SEQUENCE          
>  313:d=4  hl=2 l=   3 prim: OBJECT            :organizationName
>  318:d=4  hl=2 l=  22 prim: T61STRING         :First Data Corporation
>  342:d=2  hl=2 l=  14 cons: SET               
>  344:d=3  hl=2 l=  12 cons: SEQUENCE          
>  346:d=4  hl=2 l=   3 prim: OBJECT            :organizationalUnitName
>  351:d=4  hl=2 l=   5 prim: T61STRING         :DWOPS
>  358:d=2  hl=2 l=  26 cons: SET               
>  360:d=3  hl=2 l=  24 cons: SEQUENCE          
>  362:d=4  hl=2 l=   3 prim: OBJECT            :commonName
>  367:d=4  hl=2 l=  17 prim: T61STRING         :vxn1.datawire.net
>  386:d=1  hl=4 l= 290 cons: SEQUENCE          
>  390:d=2  hl=2 l=  13 cons: SEQUENCE          
>  392:d=3  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>  403:d=3  hl=2 l=   0 prim: NULL              
>  405:d=2  hl=4 l= 271 prim: BIT STRING        
>  680:d=1  hl=4 l= 358 cons: cont [ 3 ]        
>  684:d=2  hl=4 l= 354 cons: SEQUENCE          
>  688:d=3  hl=2 l=  28 cons: SEQUENCE          
>  690:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Alternative
> Name
>  695:d=4  hl=2 l=  21 prim: OCTET STRING      [HEX
> DUMP]:3013821176786E312E64617461776972652E6E6574
>  718:d=3  hl=2 l=   9 cons: SEQUENCE          
>  720:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Basic Constraints
>  725:d=4  hl=2 l=   2 prim: OCTET STRING      [HEX DUMP]:3000
>  729:d=3  hl=2 l=  14 cons: SEQUENCE          
>  731:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Key Usage
>  736:d=4  hl=2 l=   1 prim: BOOLEAN           :255
>  739:d=4  hl=2 l=   4 prim: OCTET STRING      [HEX DUMP]:030205A0
>  745:d=3  hl=2 l=  29 cons: SEQUENCE          
>  747:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Extended Key Usage
>  752:d=4  hl=2 l=  22 prim: OCTET STRING      [HEX
> DUMP]:301406082B0601050507030106082B06010505070302
>  776:d=3  hl=2 l=  97 cons: SEQUENCE          
>  778:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Certificate Policies
>  783:d=4  hl=2 l=  90 prim: OCTET STRING      [HEX
> DUMP]:30583056060667810C010202304C302306082B06010505070201161768747470733A2F
> 2F642E73796D63622E636F6D2F637073302506082B0601050507020230191A1768747470733A
> 2F2F642E73796D63622E636F6D2F727061
>  875:d=3  hl=2 l=  31 cons: SEQUENCE          
>  877:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key
> Identifier
>  882:d=4  hl=2 l=  24 prim: OCTET STRING      [HEX
> DUMP]:301680140D445C165344C1827E1D20AB25F40163D8BE79A5
>  908:d=3  hl=2 l=  43 cons: SEQUENCE          
>  910:d=4  hl=2 l=   3 prim: OBJECT            :X509v3 CRL Distribution
> Points
>  915:d=4  hl=2 l=  36 prim: OCTET STRING      [HEX
> DUMP]:30223020A01EA01C861A687474703A2F2F73642E73796D63622E636F6D2F73642E6372
> 6C
>  953:d=3  hl=2 l=  87 cons: SEQUENCE          
>  955:d=4  hl=2 l=   8 prim: OBJECT            :Authority Information Access
>  965:d=4  hl=2 l=  75 prim: OCTET STRING      [HEX
> DUMP]:3049301F06082B060105050730018613687474703A2F2F73642E73796D63642E636F6D
> 302606082B06010505073002861A687474703A2F2F73642E73796D63622E636F6D2F73642E63
> 7274
> 
> Base64 TBSCertificate:
> MIIEDqADAgECAhAkJJzKlNZg5QNj/39H3HEHMA0GCSqGSIb3DQEBBQUAMIG1MQswCQYDVQQGEwJV
> UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
> cmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBh
> IChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMzAe
> Fw0xNjEwMTQwMDAwMDBaFw0xNzAzMTcyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdH
> ZW9yZ2lhMRAwDgYDVQQHFAdBdGxhbnRhMR8wHQYDVQQKFBZGaXJzdCBEYXRhIENvcnBvcmF0aW9u
> MQ4wDAYDVQQLFAVEV09QUzEaMBgGA1UEAxQRdnhuMS5kYXRhd2lyZS5uZXQwggEiMA0GCSqGSIb3
> DQEBAQUAA4IBDwAwggEKAoIBAQDOtjgtRgGN7OQCvJfQCvETLZch6XFzogg0gZiNlVDkCGuaTsc0
> 2R9wQe1PIrBr7tAifbYRDaLMDlzbrn23lfL1aDFNKAnpGb5nThxrunDUcJMT1OiobPpeob3nrSoQ
> lQ3DScUCN1AqrOspVkAOKlYZO925XKoxwvUXXGZBHLYSqO/yT9AdF+xBZxKAtHQbYNfRrKVDU0+Z
> Sa9PTTa4Ip3zaqSCjs1egS9Lab5PfxTGHrGyj7ByMhbMRZ5JNDyq8FT/2gCaF3gD6DDYvR//FhRh
> YlnJIZtleveKd2htKSE9NmT4GgRzye+wPfaMvisvzesiTJSV+2wfeG1Na5sZ2YXrAgMBAAGjggFm
> MIIBYjAcBgNVHREEFTATghF2eG4xLmRhdGF3aXJlLm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQE
> AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIw
> TDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0
> cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUwKwYD
> VR0fBCQwIjAgoB6gHIYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcmwwVwYIKwYBBQUHAQEESzBJ
> MB8GCCsGAQUFBzABhhNodHRwOi8vc2Quc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc2Qu
> c3ltY2IuY29tL3NkLmNydA==
> 
> -----Original Message-----
> From: Dean Coclin 
> Sent: Thursday, September 29, 2016 11:53 AM
> To: CABFPub <public at cabforum.org>
> Cc: Halliday, Morgan <Morgan.Halliday at firstdata.com>; Sidoriak, Evan S
> <Evan.Sidoriak at firstdata.com>
> Subject: SHA-1 exception request
> 
> 
> In accordance with the SHA-1 Exception Request procedure, we hereby submit
> the attached request on behalf of our client. 
> 
> Attached please find the answers to the questions in Step 1 of the
> procedure. 
> 
> TBS certificates are being generated and will be submitted in a separate
> email within 24 hours. 
> 
> 
> 
> 
> Dean Coclin
> Sr. Director Business Development
> 
> 
> 
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public




More information about the Public mailing list