Sentry.captureException(e) generate Envelope submission failed SSLHandshakeException PKIX path building failed

[hernaldog]

Integration

sentry-spring-boot-jakarta

Java Version

21.0.3

Version

8.3.0

Steps to Reproduce

Hi, I've been trying to solve this problem for 2.5 days and can't find a solution.

1. Configure Sentry for a SpringBoot 3 project using sentry-spring-boot-starter-jakarta. I use Java 21, as indicated on the https://xxxx.sentry.io/ site when creating a new project. I Use Spring Tool Suite 4.23.1.RELEASE
2. Add the Token and DSN in the application.properties file.

sentry.dsn=https://496ecee9b8f90beb6ee44b8c72aa3e8c@o4508846212186115.ingest.us.sentry.io/4508937126871040
sentry.send-default-pii=true
sentry.auth.token=xxxxxxx
sentry.proyecto=mi-proyecto2
sentry.debug=true

3. Add this POM

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>3.4.3</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>
	<groupId>cl.tisal</groupId>
	<artifactId>arq-poc-log-sentry</artifactId>
	<version>1</version>
	<name>arq</name>
	<description>Demo uso de Logs Sentry.io</description>
	<url/>
	<licenses>
		<license/>
	</licenses>
	<developers>
		<developer/>
	</developers>
	<scm>
		<connection/>
		<developerConnection/>
		<tag/>
		<url/>
	</scm>
	<properties>
		<java.version>21</java.version>
	</properties>
	<dependencies>	

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>		
		<dependency>
		    <groupId>io.sentry</groupId>
		    <artifactId>sentry-spring-boot-starter-jakarta</artifactId>
		    <version>8.3.0</version>
		</dependency>

	</dependencies>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
			
			<plugin>
		      <groupId>io.sentry</groupId>
		      <artifactId>sentry-maven-plugin</artifactId>
		      <version>0.3.0</version>
		      <extensions>true</extensions>
		      <configuration>		        
		        <debugSentryCli>true</debugSentryCli>		
		        <org>tisal-op</org>		
		        <!--<project>mi-proyecto2</project>-->
		        <project>${sentry.proyecto}</project>
		        <authToken>${sentry.auth.token}</authToken>
		      </configuration>
		       <executions>
			    <execution>
			      <goals>
			        <!-- Generates a source bundle and uploads it to Sentry -->
			        <!-- This enables source context, allowing you to see your source code as part of your stack traces in Sentry -->
			        <!-- Learn more about this feature in its dedicated "Source Context" docs page -->
			        <goal>uploadSourceBundle</goal>
			      </goals>
			    </execution>
			  </executions>
		    </plugin>		    
		</plugins>
	</build>

</project>

4. Create a new controller using only the lines indicated in the example:

import java.lang.Exception;
import io.sentry.Sentry;

try {
throw new Exception("This is a test.");
} catch (Exception e) {
 Sentry.captureException(e);
}

5. The output always on the line Sentry.captureException(e); It is in summary:

DEBUG: Hint is not io.sentry.hints.Retryable
ERROR: Envelope submission failed
java.lang.IllegalStateException: Sending the event failed.
java.lang.IllegalStateException: Sending the event failed.

Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

6. I'm not sure which SSL certificate I need to add, what URL I'm getting it from, or where to add it or how to add it :( in case that's the problem

Expected Result

I was able to send the "This is a test." exception to the Sentry Cloud platform without an SSL certificate error.

Actual Result

Nothing is showing in Sentry.io cloud; it's not logging any events.

Below is the full error in "Console" section of my IDE

  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/

 :: Spring Boot ::                 (v3.4.3)

2025-03-12T08:19:45.562-03:00  INFO 23184 --- [arq] [           main] cl.tisal.arq.ArqApplication              : Starting ArqApplication using Java 21.0.3 with PID 23184 (C:\desarrollos\arq-poc-log-sentry\target\classes started by hgonzalez in C:\desarrollos\arq-poc-log-sentry)
2025-03-12T08:19:45.590-03:00  INFO 23184 --- [arq] [           main] cl.tisal.arq.ArqApplication              : No active profile set, falling back to 1 default profile: "default"
2025-03-12T08:19:46.550-03:00  INFO 23184 --- [arq] [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port 8080 (http)
2025-03-12T08:19:46.569-03:00  INFO 23184 --- [arq] [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2025-03-12T08:19:46.569-03:00  INFO 23184 --- [arq] [           main] o.apache.catalina.core.StandardEngine    : Starting Servlet engine: [Apache Tomcat/10.1.36]
2025-03-12T08:19:46.625-03:00  INFO 23184 --- [arq] [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2025-03-12T08:19:46.626-03:00  INFO 23184 --- [arq] [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 954 ms
INFO: Initializing SDK with DSN: 'https://496ecee9b8f90beb6ee44b8c72aa3e8c@o4508846212186115.ingest.us.sentry.io/4508937126871040'
INFO: No outbox dir path is defined in options.
INFO: Debug Meta Data Properties loaded from file:/C:/desarrollos/arq-poc-log-sentry/target/classes/sentry-debug-meta.properties
DEBUG: Bundle IDs found: df483857-506f-42aa-aada-badbc4f31ddd
DEBUG: UncaughtExceptionHandlerIntegration enabled: true
DEBUG: UncaughtExceptionHandlerIntegration installed.
DEBUG: ShutdownHookIntegration installed.
DEBUG: SpotlightIntegration is not enabled. BeforeEnvelopeCallback is already set or spotlight is not enabled.
DEBUG: Using openTelemetryMode AUTO
INFO: Cache dir is not set, not finalizing the previous session.
DEBUG: Using span factory io.sentry.DefaultSpanFactory
DEBUG: Using scopes storage io.sentry.DefaultScopesStorage
2025-03-12T08:19:47.158-03:00  INFO 23184 --- [arq] [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port 8080 (http) with context path '/'
2025-03-12T08:19:47.165-03:00  INFO 23184 --- [arq] [           main] cl.tisal.arq.ArqApplication              : Started ArqApplication in 2.067 seconds (process running for 3.244)
2025-03-12T08:20:10.920-03:00  INFO 23184 --- [arq] [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2025-03-12T08:20:10.920-03:00  INFO 23184 --- [arq] [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2025-03-12T08:20:10.922-03:00  INFO 23184 --- [arq] [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 2 ms
DEBUG: Capturing event: d294107f886e4ad2bbdad54dd6ca32bb
INFO: sentry-external-modules.txt file was not found.
INFO: Session is null on scope.withSession
DEBUG: Hint is not io.sentry.hints.Retryable
ERROR: Envelope submission failed 
 java.lang.IllegalStateException: Sending the event failed.
java.lang.IllegalStateException: Sending the event failed.
	at io.sentry.transport.AsyncHttpTransport$EnvelopeSender.flush(AsyncHttpTransport.java:337)
	at io.sentry.transport.AsyncHttpTransport$EnvelopeSender.run(AsyncHttpTransport.java:244)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:572)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
	at java.base/java.lang.Thread.run(Thread.java:1583)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:130)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:378)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:316)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1318)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1195)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1138)
	at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:393)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:476)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:447)
	at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1421)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:426)
	at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:586)
	at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:187)
	at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:141)
	at io.sentry.transport.HttpConnection.createConnection(HttpConnection.java:144)
	at io.sentry.transport.HttpConnection.send(HttpConnection.java:149)
	at io.sentry.transport.AsyncHttpTransport$EnvelopeSender.flush(AsyncHttpTransport.java:299)
	... 6 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:388)
	at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:271)
	at java.base/sun.security.validator.Validator.validate(Validator.java:256)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:230)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1302)
	... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:148)
	at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:129)
	at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
	at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:383)
	... 28 more

[adinauer]

Hello @hernaldog .
Maybe #1000 (comment) , #639 or https://sentry.io/answers/how-to-solve-pkix-path-building-failed-error-in-java/ help.

Are you able to curl -vvv https://sentry.io on your server or does that also cause problems?

[hernaldog]

Hello @hernaldog . Maybe #1000 (comment) , #639 or https://sentry.io/answers/how-to-solve-pkix-path-building-failed-error-in-java/ help.

Are you able to curl -vvv https://sentry.io on your server or does that also cause problems?

I see it works fine

C:\Users\hgonzalez>curl -vvv https://sentry.io
09:10:47.280777 [0-x] == Info: [READ] client_reset, clear readers
09:10:47.304163 [0-0] == Info: Host sentry.io:443 was resolved.
09:10:47.306966 [0-0] == Info: IPv6: (none)
09:10:47.309028 [0-0] == Info: IPv4: 35.186.247.156
09:10:47.312184 [0-0] == Info: [HTTPS-CONNECT] added
09:10:47.315024 [0-0] == Info: [HTTPS-CONNECT] connect, init
09:10:47.318615 [0-0] == Info: [HTTPS-CONNECT] connect, check h21
09:10:47.321555 [0-0] == Info:   Trying 35.186.247.156:443...
09:10:47.324482 [0-0] == Info: [HTTPS-CONNECT] connect -> 0, done=0
09:10:47.327808 [0-0] == Info: [HTTPS-CONNECT] adjust_pollset -> 1 socks
09:10:47.331375 [0-0] == Info: [HTTPS-CONNECT] connect, check h21
09:10:47.335538 [0-0] == Info: [SSL] cf_connect()
09:10:47.337888 [0-0] == Info: [SSL] No cached session ID for https://sentry.io:443
09:10:47.341615 [0-0] == Info: schannel: disabled automatic use of client certificate
09:10:47.355864 [0-0] == Info: ALPN: curl offers http/1.1
09:10:47.359620 [0-0] == Info: [SSL] cf_connect() -> 0, done=0
09:10:47.363116 [0-0] == Info: [HTTPS-CONNECT] connect -> 0, done=0
09:10:47.368863 [0-0] == Info: [SSL] adjust_pollset, POLLIN fd=432
09:10:47.373079 [0-0] == Info: [HTTPS-CONNECT] adjust_pollset -> 1 socks
09:10:47.395328 [0-0] == Info: [HTTPS-CONNECT] connect, check h21
09:10:47.400837 [0-0] == Info: [SSL] cf_connect()
09:10:47.426661 [0-0] == Info: ALPN: server did not agree on a protocol. Uses default.
09:10:47.432778 [0-0] == Info: [SSL] No cached session ID for https://sentry.io:443
09:10:47.436631 [0-0] == Info: [SSL] Added Session ID to cache for https://sentry.io:443 [server]
09:10:47.441033 [0-0] == Info: [SSL] cf_connect() -> 0, done=1
09:10:47.444748 [0-0] == Info: [HTTPS-CONNECT] connect+handshake h21: 126ms, 1st data: 82ms
09:10:47.448837 [0-0] == Info: [HTTPS-CONNECT] connect -> 0, done=1
09:10:47.452518 [0-0] == Info: Connected to sentry.io (35.186.247.156) port 443
09:10:47.456073 [0-0] == Info: using HTTP/1.x
09:10:47.458177 [0-0] => Send header, 73 bytes (0x49)
0000: GET / HTTP/1.1
0010: Host: sentry.io
0021: User-Agent: curl/8.10.1
003a: Accept: */*
0047:
09:10:47.465133 [0-0] == Info: [SSL] cf_recv(len=102400) -> -1, 81
09:10:47.469119 [0-0] == Info: Request completely sent off
09:10:47.630956 [0-0] == Info: [SSL] cf_recv(len=102400) -> 1971, 0
09:10:47.642567 [0-0] <= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
09:10:47.651866 [0-0] == Info: [WRITE] cw_out, wrote 20 header bytes -> 20
09:10:47.659320 [0-0] == Info: [WRITE] download_write header(type=c, blen=20) -> 0
09:10:47.667844 [0-0] == Info: [WRITE] client_write(type=c, len=20) -> 0
09:10:47.673700 [0-0] <= Recv header, 15 bytes (0xf)
0000: server: nginx
09:10:47.680145 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=15) -> 0
09:10:47.689244 [0-0] == Info: [WRITE] cw_out, wrote 15 header bytes -> 15
09:10:47.695671 [0-0] == Info: [WRITE] download_write header(type=4, blen=15) -> 0
09:10:47.702117 [0-0] == Info: [WRITE] client_write(type=4, len=15) -> 0
09:10:47.707634 [0-0] <= Recv header, 37 bytes (0x25)
0000: date: Wed, 12 Mar 2025 12:10:44 GMT
09:10:47.715110 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=37) -> 0
09:10:47.722126 [0-0] == Info: [WRITE] cw_out, wrote 37 header bytes -> 37
09:10:47.728076 [0-0] == Info: [WRITE] download_write header(type=4, blen=37) -> 0
09:10:47.736484 [0-0] == Info: [WRITE] client_write(type=4, len=37) -> 0
09:10:47.742205 [0-0] <= Recv header, 40 bytes (0x28)
0000: content-type: text/html; charset=utf-8
09:10:47.751031 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=40) -> 0
09:10:47.756879 [0-0] == Info: [WRITE] cw_out, wrote 40 header bytes -> 40
09:10:47.762320 [0-0] == Info: [WRITE] download_write header(type=4, blen=40) -> 0
09:10:47.769844 [0-0] == Info: [WRITE] client_write(type=4, len=40) -> 0
09:10:47.775300 [0-0] <= Recv header, 19 bytes (0x13)
0000: Content-Length: 0
09:10:47.782801 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=19) -> 0
09:10:47.791808 [0-0] == Info: [WRITE] cw_out, wrote 19 header bytes -> 19
09:10:47.801083 [0-0] == Info: [WRITE] download_write header(type=4, blen=19) -> 0
09:10:47.807714 [0-0] == Info: [WRITE] client_write(type=4, len=19) -> 0
09:10:47.813743 [0-0] <= Recv header, 21 bytes (0x15)
0000: location: /welcome/
09:10:47.821686 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=21) -> 0
09:10:47.828763 [0-0] == Info: [WRITE] cw_out, wrote 21 header bytes -> 21
09:10:47.834945 [0-0] == Info: [WRITE] download_write header(type=4, blen=21) -> 0
09:10:47.841242 [0-0] == Info: [WRITE] client_write(type=4, len=21) -> 0
09:10:47.846826 [0-0] <= Recv header, 31 bytes (0x1f)
0000: vary: Accept-Language, Cookie
09:10:47.855736 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=31) -> 0
09:10:47.862276 [0-0] == Info: [WRITE] cw_out, wrote 31 header bytes -> 31
09:10:47.868717 [0-0] == Info: [WRITE] download_write header(type=4, blen=31) -> 0
09:10:47.874928 [0-0] == Info: [WRITE] client_write(type=4, len=31) -> 0
09:10:47.880614 [0-0] <= Recv header, 22 bytes (0x16)
0000: content-language: en
09:10:47.887695 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=22) -> 0
09:10:47.895476 [0-0] == Info: [WRITE] cw_out, wrote 22 header bytes -> 22
09:10:47.902107 [0-0] == Info: [WRITE] download_write header(type=4, blen=22) -> 0
09:10:47.908195 [0-0] == Info: [WRITE] client_write(type=4, len=22) -> 0
09:10:47.914699 [0-0] <= Recv header, 23 bytes (0x17)
0000: x-frame-options: deny
09:10:47.921209 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=23) -> 0
09:10:47.927307 [0-0] == Info: [WRITE] cw_out, wrote 23 header bytes -> 23
09:10:47.933838 [0-0] == Info: [WRITE] download_write header(type=4, blen=23) -> 0
09:10:47.940374 [0-0] == Info: [WRITE] client_write(type=4, len=23) -> 0
09:10:47.947435 [0-0] <= Recv header, 33 bytes (0x21)
0000: x-content-type-options: nosniff
09:10:47.954148 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=33) -> 0
09:10:47.960878 [0-0] == Info: [WRITE] cw_out, wrote 33 header bytes -> 33
09:10:47.967769 [0-0] == Info: [WRITE] download_write header(type=4, blen=33) -> 0
09:10:47.974763 [0-0] == Info: [WRITE] client_write(type=4, len=33) -> 0
09:10:47.980454 [0-0] <= Recv header, 33 bytes (0x21)
0000: x-xss-protection: 1; mode=block
09:10:47.987898 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=33) -> 0
09:10:47.994856 [0-0] == Info: [WRITE] cw_out, wrote 33 header bytes -> 33
09:10:48.002962 [0-0] == Info: [WRITE] download_write header(type=4, blen=33) -> 0
09:10:48.012778 [0-0] == Info: [WRITE] client_write(type=4, len=33) -> 0
09:10:48.019977 [0-0] <= Recv header, 1087 bytes (0x43f)
0000: content-security-policy: frame-ancestors 'self' *.sentry.io; scr
0040: ipt-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com
0080:  js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.
00c0: s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com conne
0100: ct-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io
0140: data.pendo.io pendo-io-static.storage.googleapis.com pendo-stati
0180: c-5634074999128064.storage.googleapis.com; default-src 'none'; f
01c0: ont-src * data:; base-uri 'none'; media-src *; connect-src 'self
0200: ' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry
0240: .io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app
0280: .pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.status
02c0: page.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com;
0300:  frame-src app.pendo.io demo.arcade.software js.stripe.com sentr
0340: y.io; worker-src blob:; object-src 'none'; img-src * blob: data:
0380: ; style-src * 'unsafe-inline'; report-uri https://o1.ingest.sent
03c0: ry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142
0400: ff78e&sentry_release=d426d008006b59bb7c40428a483466ccea9b36a4
09:10:48.123343 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=1087) -> 0
09:10:48.129729 [0-0] == Info: [WRITE] cw_out, wrote 1087 header bytes -> 1087
09:10:48.136540 [0-0] == Info: [WRITE] download_write header(type=4, blen=1087) -> 0
09:10:48.144392 [0-0] == Info: [WRITE] client_write(type=4, len=1087) -> 0
09:10:48.151899 [0-0] <= Recv header, 26 bytes (0x1a)
0000: x-envoy-attempt-count: 1
09:10:48.158493 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=26) -> 0
09:10:48.165144 [0-0] == Info: [WRITE] cw_out, wrote 26 header bytes -> 26
09:10:48.170444 [0-0] == Info: [WRITE] download_write header(type=4, blen=26) -> 0
09:10:48.176235 [0-0] == Info: [WRITE] client_write(type=4, len=26) -> 0
09:10:48.181963 [0-0] <= Recv header, 34 bytes (0x22)
0000: x-envoy-upstream-service-time: 8
09:10:48.188650 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=34) -> 0
09:10:48.194836 [0-0] == Info: [WRITE] cw_out, wrote 34 header bytes -> 34
09:10:48.200233 [0-0] == Info: [WRITE] download_write header(type=4, blen=34) -> 0
09:10:48.206673 [0-0] == Info: [WRITE] client_write(type=4, len=34) -> 0
09:10:48.212719 [0-0] <= Recv header, 78 bytes (0x4e)
0000: x-served-by: getsentry-control-web-default-common-production-7c9
0040: 8bb79d-tzwqq
09:10:48.224780 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=78) -> 0
09:10:48.233563 [0-0] == Info: [WRITE] cw_out, wrote 78 header bytes -> 78
09:10:48.239909 [0-0] == Info: [WRITE] download_write header(type=4, blen=78) -> 0
09:10:48.247289 [0-0] == Info: [WRITE] client_write(type=4, len=78) -> 0
09:10:48.253405 [0-0] <= Recv header, 48 bytes (0x30)
0000: x-served-by: frontend-default-66b79b5797-4zbkf
09:10:48.262165 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=48) -> 0
09:10:48.269332 [0-0] == Info: [WRITE] cw_out, wrote 48 header bytes -> 48
09:10:48.275774 [0-0] == Info: [WRITE] download_write header(type=4, blen=48) -> 0
09:10:48.282456 [0-0] == Info: [WRITE] client_write(type=4, len=48) -> 0
09:10:48.288621 [0-0] <= Recv header, 89 bytes (0x59)
0000: nel: {"report_to":"nel","max_age":86400,"success_fraction":0.0,"
0040: failure_fraction":0.05}
09:10:48.300062 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=89) -> 0
09:10:48.307219 [0-0] == Info: [WRITE] cw_out, wrote 89 header bytes -> 89
09:10:48.312913 [0-0] == Info: [WRITE] download_write header(type=4, blen=89) -> 0
09:10:48.320307 [0-0] == Info: [WRITE] client_write(type=4, len=89) -> 0
09:10:48.326284 [0-0] <= Recv header, 166 bytes (0xa6)
0000: report-to: {"group":"nel","max_age":86400,"endpoints":[{"url":"h
0040: ttps://sentry.my.sentry.io/api/4506178834399232/nel/?sentry_key=
0080: cc6b0c47f15d14fda5c9983805851249"}]}
09:10:48.346698 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=166) -> 0
09:10:48.353960 [0-0] == Info: [WRITE] cw_out, wrote 166 header bytes -> 166
09:10:48.359342 [0-0] == Info: [WRITE] download_write header(type=4, blen=166) -> 0
09:10:48.365432 [0-0] == Info: [WRITE] client_write(type=4, len=166) -> 0
09:10:48.372591 [0-0] <= Recv header, 17 bytes (0x11)
0000: via: 1.1 google
09:10:48.378093 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=17) -> 0
09:10:48.384790 [0-0] == Info: [WRITE] cw_out, wrote 17 header bytes -> 17
09:10:48.390429 [0-0] == Info: [WRITE] download_write header(type=4, blen=17) -> 0
09:10:48.396878 [0-0] == Info: [WRITE] client_write(type=4, len=17) -> 0
09:10:48.402775 [0-0] <= Recv header, 73 bytes (0x49)
0000: strict-transport-security: max-age=31536000; includeSubDomains;
0040: preload
09:10:48.414525 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=73) -> 0
09:10:48.421416 [0-0] == Info: [WRITE] cw_out, wrote 73 header bytes -> 73
09:10:48.426981 [0-0] == Info: [WRITE] download_write header(type=4, blen=73) -> 0
09:10:48.433776 [0-0] == Info: [WRITE] client_write(type=4, len=73) -> 0
09:10:48.440003 [0-0] <= Recv header, 57 bytes (0x39)
0000: Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
09:10:48.449091 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=57) -> 0
09:10:48.455784 [0-0] == Info: [WRITE] cw_out, wrote 57 header bytes -> 57
09:10:48.461665 [0-0] == Info: [WRITE] download_write header(type=4, blen=57) -> 0
09:10:48.468080 [0-0] == Info: [WRITE] client_write(type=4, len=57) -> 0
09:10:48.473144 [0-0] <= Recv header, 2 bytes (0x2)
0000:
09:10:48.477489 [0-0] == Info: [WRITE] header_collect pushed(type=1, len=2) -> 0
09:10:48.483585 [0-0] == Info: [WRITE] cw_out, wrote 2 header bytes -> 2
09:10:48.488348 [0-0] == Info: [WRITE] download_write header(type=4, blen=2) -> 0
09:10:48.494605 [0-0] == Info: [WRITE] client_write(type=4, len=2) -> 0
09:10:48.507145 [0-0] == Info: [WRITE] xfer_write_resp(len=1971, eos=0) -> 0
09:10:48.515618 [0-0] == Info: [WRITE] cw-out is notpaused
09:10:48.520539 [0-0] == Info: [WRITE] cw-out done
09:10:48.531242 [0-0] == Info: [READ] client_reset, clear readers
09:10:48.538623 [0-0] == Info: Connection #0 to host sentry.io left intact

[hernaldog]

Update: I go to Debug Configuration whit this VM Argumens

-Djavax.net.ssl.trustStore="C:\jdk-21.0.4\lib\security\cacerts" -Djavax.net.ssl.trustStorePassword=changeit

And this send me a large Log with all errors and SSLs Certificated that try to charge in runtime. Maybe this can help

. ____ _ __ _ _
/\ / ' __ _ () __ __ _ \ \ \
( ( )__ | '_ | '| | ' / ` | \ \ \
\/ )| |)| | | | | || (| | ) ) ) )
' || .__|| ||| |_, | / / / /
=========||==============|/=////

�[32m :: Spring Boot :: �[39m �[2m (v3.4.3)�[0;39m

�[2m2025-03-12T10:11:17.849-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mcl.tisal.arq.ArqApplication �[0;39m �[2m:�[0;39m Starting ArqApplication using Java 21.0.3 with PID 28908 (C:\desarrollos\arq-poc-log-sentry\target\classes started by hgonzalez in C:\desarrollos\arq-poc-log-sentry)
�[2m2025-03-12T10:11:17.852-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mcl.tisal.arq.ArqApplication �[0;39m �[2m:�[0;39m No active profile set, falling back to 1 default profile: "default"
�[2m2025-03-12T10:11:18.649-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mo.s.b.w.embedded.tomcat.TomcatWebServer �[0;39m �[2m:�[0;39m Tomcat initialized with port 8080 (http)
�[2m2025-03-12T10:11:18.661-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mo.apache.catalina.core.StandardService �[0;39m �[2m:�[0;39m Starting service [Tomcat]
�[2m2025-03-12T10:11:18.661-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mo.apache.catalina.core.StandardEngine �[0;39m �[2m:�[0;39m Starting Servlet engine: [Apache Tomcat/10.1.36]
�[2m2025-03-12T10:11:18.702-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mo.a.c.c.C.[Tomcat].[localhost].[/] �[0;39m �[2m:�[0;39m Initializing Spring embedded WebApplicationContext
�[2m2025-03-12T10:11:18.702-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mw.s.c.ServletWebServerApplicationContext�[0;39m �[2m:�[0;39m Root WebApplicationContext: initialization completed in 797 ms
INFO: Initializing SDK with DSN: 'https://496ecee9b8f90beb6ee44b8c72aa3e8c@o4508846212186115.ingest.us.sentry.io/4508937126871040'
INFO: No outbox dir path is defined in options.
INFO: Debug Meta Data Properties loaded from file:/C:/desarrollos/arq-poc-log-sentry/target/classes/sentry-debug-meta.properties
DEBUG: Bundle IDs found: 45e61b8c-5d36-4f8c-aedc-057aafdc3877
DEBUG: UncaughtExceptionHandlerIntegration enabled: true
DEBUG: UncaughtExceptionHandlerIntegration installed.
DEBUG: ShutdownHookIntegration installed.
DEBUG: SpotlightIntegration is not enabled. BeforeEnvelopeCallback is already set or spotlight is not enabled.
INFO: Cache dir is not set, not finalizing the previous session.
DEBUG: Using openTelemetryMode AUTO
DEBUG: Using span factory io.sentry.DefaultSpanFactory
DEBUG: Using scopes storage io.sentry.DefaultScopesStorage
�[2m2025-03-12T10:11:19.126-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mo.s.b.w.embedded.tomcat.TomcatWebServer �[0;39m �[2m:�[0;39m Tomcat started on port 8080 (http) with context path '/'
�[2m2025-03-12T10:11:19.132-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [ main] �[0;39m�[36mcl.tisal.arq.ArqApplication �[0;39m �[2m:�[0;39m Started ArqApplication in 1.653 seconds (process running for 2.547)
�[2m2025-03-12T10:11:23.828-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [nio-8080-exec-1] �[0;39m�[36mo.a.c.c.C.[Tomcat].[localhost].[/] �[0;39m �[2m:�[0;39m Initializing Spring DispatcherServlet 'dispatcherServlet'
�[2m2025-03-12T10:11:23.829-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [nio-8080-exec-1] �[0;39m�[36mo.s.web.servlet.DispatcherServlet �[0;39m �[2m:�[0;39m Initializing Servlet 'dispatcherServlet'
�[2m2025-03-12T10:11:23.829-03:00�[0;39m �[32m INFO�[0;39m �[35m28908�[0;39m �[2m--- [arq] [nio-8080-exec-1] �[0;39m�[36mo.s.web.servlet.DispatcherServlet �[0;39m �[2m:�[0;39m Completed initialization in 0 ms
DEBUG: Capturing event: 59fc09a3d6504522a15961467b59165f
INFO: sentry-external-modules.txt file was not found.
INFO: Session is null on scope.withSession
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.654 CLST|SSLCipher.java:432|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.655 CLST|SSLCipher.java:432|jdk.tls.keyLimits: entry = ChaCha20-Poly1305 KeyUpdate 2^37. CHACHA20-POLY1305:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.671 CLST|TrustStoreManager.java:113|trustStore is: C:\jdk-21.0.4\lib\security\cacerts
trustStore type is: pkcs12
trustStore provider is:
the last modified time is: Wed Mar 12 10:00:01 CLST 2025
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.672 CLST|TrustStoreManager.java:333|Reload the trust store
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.708 CLST|TrustStoreManager.java:341|Reload trust certs
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.709 CLST|TrustStoreManager.java:346|Reloaded 115 trust certs
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.748 CLST|X509TrustManagerImpl.java:82|adding as trusted certificates (
"certificate" : {
"version" : "v3",
"serial number" : "062533B1470333275CF98D9AB9BFCCF8",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=Certainly Root E1, O=Certainly, C=US",
"not before" : "2021-03-31 21:00:00.000 CLST",
"not after" : "2046-03-31 21:00:00.000 CLST",
"subject" : "CN=Certainly Root E1, O=Certainly, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F3 28 18 CB 64 75 EE 29 2A EB ED AE 23 58 38 85 .(..du.)*...#X8.
0010: EB C8 22 07 ..".
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00A68B79290000000050D091F9",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US",
"not before" : "2012-12-18 12:25:36.000 CLST",
"not after" : "2037-12-18 12:55:36.000 CLST",
"subject" : "CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B7 63 E7 1A DD 8D E9 08 A6 55 83 A4 E0 6A 50 41 .c.......U...jPA
0010: 65 11 42 49 e.BI
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0CF08E5C0816A5AD427FF0EB271859D0",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=SecureTrust CA, O=SecureTrust Corporation, C=US",
"not before" : "2006-11-07 16:31:18.000 CLST",
"not after" : "2029-12-31 16:40:55.000 CLST",
"subject" : "CN=SecureTrust CA, O=SecureTrust Corporation, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false
},
{
ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.securetrust.com/STCA.crl]
]]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 42 32 B6 16 FA 04 FD FE 5D 4B 7A C3 FD F7 4C 40 B2......]Kz...L@
0010: 1D 5A 43 AF .ZC.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "083BE056904246B1A1756AC95991C74A",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2006-11-09 21:00:00.000 CLST",
"not after" : "2031-11-09 21:00:00.000 CLST",
"subject" : "CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Hellenic Academic and Research Institutions RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR",
"not before" : "2015-07-07 07:11:21.000 CLST",
"not after" : "2040-06-30 06:11:21.000 CLT",
"subject" : "CN=Hellenic Academic and Research Institutions RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 71 15 67 C8 C8 C9 BD 75 5D 72 D0 38 18 6A 9D F3 q.g....u]r.8.j..
0010: 71 24 54 0B q$T.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "445734245B81899B35F2CEB82B3B5BA726F07528",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM",
"not before" : "2012-01-12 15:59:32.000 CLST",
"not after" : "2042-01-12 15:59:32.000 CLST",
"subject" : "CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: ED E7 6F 76 5A BF 60 EC 49 5B C6 A5 77 BB 72 16 ..ovZ.`.I[..w.r.
0010: 71 9B C4 3D q..=
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "059B1B579E8E2132E23907BDA777755C",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2013-08-01 08:00:00.000 CLT",
"not after" : "2038-01-15 09:00:00.000 CLST",
"subject" : "CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: EC D7 E3 82 D2 71 5D 64 4C DF 2E 67 3F E7 BA 98 .....q]dL..g?...
0010: AE 1C 0F 4F ...O
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "05835D663A5E5C4597B73D24F9B37D21",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US",
"not before" : "2024-10-02 21:00:00.000 CLST",
"not after" : "2025-07-29 19:59:59.000 CLT",
"subject" : "CN=ingest.sentry.io, O=Sentry, L=San Francisco, ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
},
{
ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
,
accessMethod: caIssuers
accessLocation: URIName: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
]
]
},
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 74 85 80 C0 66 C7 DF 37 DE CF BD 29 37 AA 03 1D t...f..7...)7...
0010: BE ED CD 17 ....
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl]
]]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.23.140.1.2.2]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 3A 2F 2F 77 77 77 2E 64 69 67 ..http://www.dig
0010: 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 icert.com/CPS

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.37 Criticality=false
    ExtendedKeyUsages [
      serverAuth
      clientAuth
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      DigitalSignature
      Key_Encipherment
    ]
  },
  {
    ObjectId: 2.5.29.17 Criticality=false
    SubjectAlternativeName [
      DNSName: ingest.sentry.io
      DNSName: *.ingest.sentry.io
      DNSName: ingest.us.sentry.io
      DNSName: *.ingest.us.sentry.io
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: C3 CE 25 90 1E E8 26 AB   F0 1B E7 EF BB 1E C6 D7  ..%...&.........
    0010: A5 11 F8 87                                        ....
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "18ACB56AFD69B6153A636CAFDAFAC4A1",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US",
"not before" : "2006-11-26 21:00:00.000 CLST",
"not after" : "2036-07-16 19:59:59.000 CLT",
"subject" : "CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 2C D5 50 41 97 15 8B F0 8F 36 61 5B 4A FB 6B D9 ,.PA.....6a[J.k.
0010: 99 C9 33 92 ..3.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA256withECDSA",
"issuer" : "CN=Hellenic Academic and Research Institutions ECC RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR",
"not before" : "2015-07-07 07:37:12.000 CLST",
"not after" : "2040-06-30 06:37:12.000 CLT",
"subject" : "CN=Hellenic Academic and Research Institutions ECC RootCA 2015, O=Hellenic Academic and Research Institutions Cert. Authority, L=Athens, C=GR",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B4 22 0B 82 99 24 01 0E 9C BB E4 0E FD BF FB 97 ."...$..........
0010: 20 93 99 2A ..*
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "3CF607A968700EDA8B84",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=emSign ECC Root CA - G3, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN",
"not before" : "2018-02-18 15:30:00.000 CLST",
"not after" : "2043-02-18 15:30:00.000 CLST",
"subject" : "CN=emSign ECC Root CA - G3, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C 5D 02 84 13 D4 CC 8A 9B 81 CE 17 1C 2E 29 1E .]............).
0010: 9C 48 63 42 .HcB
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA256withRSA",
"issuer" : "OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP",
"not before" : "2009-05-29 01:00:39.000 CLT",
"not after" : "2029-05-29 01:00:39.000 CLT",
"subject" : "OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 0A 85 A9 77 65 05 98 7C 40 81 F8 0F 97 2C 38 F1 ...we...@....,8.
0010: 0A EC 3C CF ..<.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "15C8BD65475CAFB897005EE406D2BC9D",
"signature algorithm": "SHA1withRSA",
"issuer" : "OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW",
"not before" : "2004-12-19 23:31:27.000 CLST",
"not after" : "2034-12-19 23:31:27.000 CLST",
"subject" : "OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.23.42.7.0 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 1E 0C F7 B6 67 F2 E1 92 26 09 45 C0 55 39 2E 77 ....g...&.E.U9.w
0010: 3F 42 4A A2 ?BJ.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "7777062726A9B17C",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=AffirmTrust Commercial, O=AffirmTrust, C=US",
"not before" : "2010-01-29 11:06:06.000 CLST",
"not after" : "2030-12-31 11:06:06.000 CLST",
"subject" : "CN=AffirmTrust Commercial, O=AffirmTrust, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 9D 93 C6 53 8B 5E CA AF 3F 9F 1E 0F E5 99 95 BC ...S.^..?.......
0010: 24 F6 94 8F $...
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "76BE7FDF45EFECC2434D0E85C018C9DA",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN="Zscaler Intermediate Root CA (zscalertwo.net) (t) ", OU=Zscaler Inc., O=Zscaler Inc., ST=California, C=US",
"not before" : "2024-07-19 23:45:30.000 CLT",
"not after" : "2024-08-02 23:45:30.000 CLT",
"subject" : "CN=*.eclipse.org, O="Eclipse.org Foundation, Inc.", L=Ottawa, ST=Ontario, C=CA",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://gateway.zscalertwo.net/zscaler-zscrl--4-1.crl]
]]
},
{
ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
},
{
ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: *.eclipse.org
DNSName: eclipse.org
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0444C0",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL",
"not before" : "2008-10-22 09:07:37.000 CLST",
"not after" : "2029-12-31 09:07:37.000 CLST",
"subject" : "CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 08 76 CD CB 07 FF 24 F6 C5 CD ED BB 90 BC E2 84 .v....$.........
0010: 37 46 75 F7 7Fu.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "50946CEC18EAD59C4DD597EF758FA0AD",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US",
"not before" : "2004-11-01 14:14:04.000 CLST",
"not after" : "2035-01-01 02:37:19.000 CLST",
"subject" : "CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false
},
{
ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.xrampsecurity.com/XGCA.crl]
]]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C6 4F A2 3D 06 63 84 09 9C CE 62 E4 04 AC 8D 5C .O.=.c....b....
0010: B5 E9 B6 1B ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "31F5E4620C6C58EDD6D8",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=emSign Root CA - G1, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN",
"not before" : "2018-02-18 15:30:00.000 CLST",
"not after" : "2043-02-18 15:30:00.000 CLST",
"subject" : "CN=emSign Root CA - G1, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FB EF 0D 86 9E B0 E3 DD A9 B9 F1 21 17 7F 3E FC ...........!..>.
0010: F0 77 2B 1A .w+.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00D9B5437FAFA9390F000000005565AD58",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US",
"not before" : "2015-05-27 08:11:16.000 CLST",
"not after" : "2037-12-27 08:41:16.000 CLST",
"subject" : "CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 9F 38 C4 56 23 C3 39 E8 A0 71 6C E8 54 4C E4 E8 .8.V#.9..ql.TL..
0010: 3A B1 BF 67 :..g
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "3CB2F4480A00E2FEEB243B5E603EC36B",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US",
"not before" : "2007-11-04 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 15 5F 35 57 51 55 FB 25 B2 AD 03 69 FC 01 A3 FA .5WQU.%...i....
0010: BE 11 55 D5 ..U.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01675F27D6FE7AE3E4ACBE095B059E",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI",
"not before" : "2018-11-29 08:55:54.000 CLST",
"not after" : "2043-11-29 08:55:54.000 CLST",
"subject" : "CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 72 AC E4 33 79 AA 45 87 F6 FD AC 1D 9E D6 C7 2F r..3y.E......../
0010: 86 D8 24 39 ..$9
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 72 AC E4 33 79 AA 45 87 F6 FD AC 1D 9E D6 C7 2F r..3y.E......../
0010: 86 D8 24 39 ..$9
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "1F47AFAA62007050544C019E9B63992A",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB",
"not before" : "2008-03-05 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 75 71 A7 19 48 19 BC 9D 9D EA 41 47 DF 94 C4 48 uq..H.....AG...H
0010: 77 99 D3 79 w..y
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "008210CFB0D240E3594463E0BB63828B00",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=ISRG Root X1, O=Internet Security Research Group, C=US",
"not before" : "2015-06-04 08:04:38.000 CLST",
"not after" : "2035-06-04 07:04:38.000 CLT",
"subject" : "CN=ISRG Root X1, O=Internet Security Research Group, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 79 B4 59 E6 7B B6 E5 E4 01 73 80 08 88 C8 1A 58 y.Y......s.....X
0010: F6 E9 9B 6E ...n
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "02AC5C266A0B409B8F0B79F2AE462577",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2006-11-09 21:00:00.000 CLST",
"not after" : "2031-11-09 21:00:00.000 CLST",
"subject" : "CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B1 3E C3 69 03 F8 BF 47 01 D4 98 26 1A 08 02 EF .>.i...G...&....
0010: 63 64 2B C3 cd+.
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B1 3E C3 69 03 F8 BF 47 01 D4 98 26 1A 08 02 EF .>.i...G...&....
0010: 63 64 2B C3 cd+.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US",
"not before" : "2004-03-04 02:00:00.000 CLST",
"not after" : "2029-03-04 02:00:00.000 CLST",
"subject" : "CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: DA BB 2E AA B0 0C B8 88 26 51 74 5C 6D 03 D3 C0 ........&Qt\m...
0010: D8 8F 7A D6 ..z.
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: DA BB 2E AA B0 0C B8 88 26 51 74 5C 6D 03 D3 C0 ........&Qt\m...
0010: D8 8F 7A D6 ..z.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "04000000000121585308A2",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3",
"not before" : "2009-03-18 06:00:00.000 CLT",
"not after" : "2029-03-18 07:00:00.000 CLST",
"subject" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 8F F0 4B 7F A8 2E 45 24 AE 4D 50 FA 63 9A 8B DE ..K...E$.MP.c...
0010: E2 DD 1B BC ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "020000B9",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE",
"not before" : "2000-05-12 14:46:00.000 CLT",
"not after" : "2025-05-12 19:59:00.000 CLT",
"subject" : "CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:3
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E5 9D 59 30 82 47 58 CC AC FA 08 54 36 86 7B 3A ..Y0.GX....T6..:
0010: B5 04 4D F0 ..M.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB",
"not before" : "2003-12-31 21:00:00.000 CLST",
"not after" : "2028-12-31 20:59:59.000 CLST",
"subject" : "CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca.com/AAACertificateServices.crl]
, DistributionPoint:
[URIName: http://crl.comodo.net/AAACertificateServices.crl]
]]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A0 11 0A 23 3E 96 F1 07 EC E2 AF 29 EF 82 A5 7F ...#>......)....
0010: D0 30 A4 B4 .0..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA1withRSA",
"issuer" : "OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US",
"not before" : "2004-06-29 13:39:16.000 CLT",
"not after" : "2034-06-29 13:39:16.000 CLT",
"subject" : "OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ........[U.....
0010: 0E A9 88 E7 ....
]
[OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US]
SerialNumber: [ 00]
]
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: BF 5F B7 D1 CE DD 1F 86 F4 5B 55 AC DC D7 10 C2 ._.......[U.....
0010: 0E A9 88 E7 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU",
"not before" : "2003-09-30 12:13:43.000 CLT",
"not after" : "2037-09-30 13:13:44.000 CLST",
"subject" : "CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:12
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.chambersign.org/chambersroot.crl]
]]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.17326.10.3.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 30 68 74 74 70 3A 2F 2F 63 70 73 2E 63 68 61 .0http://cps.cha
0010: 6D 62 65 72 73 69 67 6E 2E 6F 72 67 2F 63 70 73 mbersign.org/cps
0020: 2F 63 68 61 6D 62 65 72 73 72 6F 6F 74 2E 68 74 /chambersroot.ht
0030: 6D 6C ml

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.18 Criticality=false
    IssuerAlternativeName [
      RFC822Name: chambersroot@chambersign.org
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.16.840.1.113730.1.1 Criticality=false
    NetscapeCertType [
       SSL CA
       S/MIME CA
       Object Signing CA]
  },
  {
    ObjectId: 2.5.29.17 Criticality=false
    SubjectAlternativeName [
      RFC822Name: chambersroot@chambersign.org
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: E3 94 F5 B1 4D E9 DB A1   29 5B 57 8B 4D 76 06 76  ....M...)[W.Mv.v
    0010: E1 D1 A2 8A                                        ....
    ]
    ]
  }
]},

"certificate" : {
"version" : "v1",
"serial number" : "009B7E0649A33E62B9D5EE90487129EF57",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"not before" : "1999-09-30 20:00:00.000 CLT",
"not after" : "2036-07-16 19:59:59.000 CLT",
"subject" : "CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"subject public key" : "RSA"},
"certificate" : {
"version" : "v3",
"serial number" : "040000000001154B5AC394",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE",
"not before" : "1998-09-01 08:00:00.000 CLT",
"not after" : "2028-01-28 09:00:00.000 CLST",
"subject" : "CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 60 7B 66 1A 45 0D 97 CA 89 50 2F 7D 04 CD 34 A8 `.f.E....P/...4.
0010: FF FC FD 4B ...K
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "44BE0C8B500024B411D3362DE0B35F1B",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US",
"not before" : "1999-07-09 14:31:20.000 CLT",
"not after" : "2019-07-09 14:40:36.000 CLT",
"subject" : "CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.usertrust.com/UTN-USERFirst-Object.crl]
]]
},
{
ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
codeSigning
timeStamping
1.3.6.1.4.1.311.10.3.4
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: DA ED 64 74 14 9C 14 3C AB DD 99 A9 BD 5B 28 4D ..dt...<.....[(M
0010: 8B 3C C9 D8 .<..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "7C4F04391CD4992D",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=AffirmTrust Networking, O=AffirmTrust, C=US",
"not before" : "2010-01-29 11:08:24.000 CLST",
"not after" : "2030-12-31 11:08:24.000 CLST",
"subject" : "CN=AffirmTrust Networking, O=AffirmTrust, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 1F D2 E7 9C DA C2 6E A2 40 B4 B0 7A 50 10 50 .......n.@..zP.P
0010: 74 C4 C8 BD t...
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0CBE",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=TWCA Global Root CA, OU=Root CA, O=TAIWAN-CA, C=TW",
"not before" : "2012-06-27 02:28:33.000 CLT",
"not after" : "2030-12-31 12:59:59.000 CLST",
"subject" : "CN=TWCA Global Root CA, OU=Root CA, O=TAIWAN-CA, C=TW",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "6D8C1446B1A60AEE",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=AffirmTrust Premium, O=AffirmTrust, C=US",
"not before" : "2010-01-29 11:10:36.000 CLST",
"not after" : "2040-12-31 11:10:36.000 CLST",
"subject" : "CN=AffirmTrust Premium, O=AffirmTrust, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 9D C0 67 A6 0C 22 D9 26 F5 45 AB A6 65 52 11 27 ..g..".&.E..eR.'
0010: D8 45 AC 63 .E.c
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "09E09365ACF7D9C8B93E1C0B042A2EF3",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=DigiCert TLS ECC P384 Root G5, O="DigiCert, Inc.", C=US",
"not before" : "2021-01-14 21:00:00.000 CLST",
"not after" : "2046-01-14 20:59:59.000 CLST",
"subject" : "CN=DigiCert TLS ECC P384 Root G5, O="DigiCert, Inc.", C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C1 51 45 50 59 AB 3E E7 2C 5A FA 20 22 12 07 80 .QEPY.>.,Z. "...
0010: 88 7C 11 6A ...j
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0BB8",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU",
"not before" : "2011-03-17 06:51:37.000 CLST",
"not after" : "2021-03-17 06:51:37.000 CLST",
"subject" : "CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 15 85 89 09 2F 24 87 6F 3F 1D 1B E4 F2 96 79 ...../$.o?.....y
0010: 83 48 13 CE .H..
]
]
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 15 85 89 09 2F 24 87 6F 3F 1D 1B E4 F2 96 79 ...../$.o?.....y
0010: 83 48 13 CE .H..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "15AC6E9419B2794B41F627A9C3180F1F",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US",
"not before" : "2008-04-01 20:00:00.000 CLT",
"not after" : "2037-12-01 20:59:59.000 CLST",
"subject" : "CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C4 79 CA 8E A1 4E 03 1D 1C DC 6B DB 31 5B 94 3E .y...N....k.1[.>
0010: 3F 30 7F 2D ?0.-
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0203E5C068EF631A9C72905052",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=GTS Root R4, O=Google Trust Services LLC, C=US",
"not before" : "2016-06-21 20:00:00.000 CLT",
"not after" : "2036-06-21 20:00:00.000 CLT",
"subject" : "CN=GTS Root R4, O=Google Trust Services LLC, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 80 4C D6 EB 74 FF 49 36 A3 D5 D8 FC B5 3E C5 6A .L..t.I6.....>.j
0010: F0 94 1D 8C ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0A7EA6DF4B449EDA6A24859EE6B815D3167FBBB1",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=LuxTrust Global Root 2, O=LuxTrust S.A., C=LU",
"not before" : "2015-03-05 10:21:57.000 CLST",
"not after" : "2035-03-05 10:21:57.000 CLST",
"subject" : "CN=LuxTrust Global Root 2, O=LuxTrust S.A., C=LU",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FF 18 28 76 F9 48 05 2C A1 AE F1 2B 1B 2B B2 53 ..(v.H.,...+.+.S
0010: F8 4B 7C B3 .K..
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.171.1.1.1.10]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1E 68 74 74 70 73 3A 2F 2F 72 65 70 6F 73 69 ..https://reposi
0010: 74 6F 72 79 2E 6C 75 78 74 72 75 73 74 2E 6C 75 tory.luxtrust.lu

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: FF 18 28 76 F9 48 05 2C   A1 AE F1 2B 1B 2B B2 53  ..(v.H.,...+.+.S
    0010: F8 4B 7C B3                                        .K..
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "00A3DA427EA4B1AEDA",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU",
"not before" : "2008-08-01 08:29:50.000 CLT",
"not after" : "2038-07-31 08:29:50.000 CLT",
"subject" : "CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F9 24 AC 0F B2 B5 F8 79 C0 FA 60 88 1B C4 D9 4D .$.....y..`....M
0010: 02 9E 17 19 ....
]
[CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU]
SerialNumber: [ a3da427e a4b1aeda]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:12
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 3A 2F 2F 70 6F 6C 69 63 79 2E ..http://policy.
0010: 63 61 6D 65 72 66 69 72 6D 61 2E 63 6F 6D camerfirma.com

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: F9 24 AC 0F B2 B5 F8 79   C0 FA 60 88 1B C4 D9 4D  .$.....y..`....M
    0010: 02 9E 17 19                                        ....
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "56B629CD34BC78F6",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US",
"not before" : "2017-05-31 14:14:37.000 CLT",
"not after" : "2042-05-30 14:14:37.000 CLT",
"subject" : "CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F9 60 BB D4 E3 D5 34 F6 B8 F5 06 80 25 A7 73 DB .....4.....%.s. 0010: 46 69 A8 9E Fi.. ] ] }, { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen: no limit ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: F9 60 BB D4 E3 D5 34 F6 B8 F5 06 80 25 A7 73 DB .....4.....%.s.
0010: 46 69 A8 9E Fi..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "4F1BD42F54BB2F4B",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH",
"not before" : "2006-10-25 05:32:46.000 CLST",
"not after" : "2036-10-25 05:32:46.000 CLST",
"subject" : "CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 A0 CD C1 E4 41 B6 3A 5B 3B CB 45 9D BD 1C C2 .....A.:[;.E....
0010: 98 FA 86 58 ...X
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.3.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 . http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 17 A0 CD C1 E4 41 B6 3A   5B 3B CB 45 9D BD 1C C2  .....A.:[;.E....
    0010: 98 FA 86 58                                        ...X
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "4A538C28",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US",
"not before" : "2009-07-07 13:25:54.000 CLT",
"not after" : "2030-12-07 14:55:54.000 CLST",
"subject" : "CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 6A 72 26 7A D0 1E EF 7D E7 3B 69 51 D4 6C 8D 9F jr&z.....;iQ.l..
0010: 90 12 66 AB ..f.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "75E6DFCBC1685BA8",
"signature algorithm": "SHA256withECDSA",
"issuer" : "CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US",
"not before" : "2016-02-12 15:14:03.000 CLST",
"not after" : "2041-02-12 15:14:03.000 CLST",
"subject" : "CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 82 D1 85 73 30 E7 35 04 D3 8E 02 92 FB E5 A4 D1 ...s0.5.........
0010: C4 21 E8 CD .!..
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 82 D1 85 73 30 E7 35 04 D3 8E 02 92 FB E5 A4 D1 ...s0.5.........
0010: C4 21 E8 CD .!..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0CE7E0E517D846FE8FE560FC1BF03039",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2006-11-09 21:00:00.000 CLST",
"not after" : "2031-11-09 21:00:00.000 CLST",
"subject" : "CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 45 EB A2 AF F4 92 CB 82 31 2D 51 8B A7 A7 21 9D E.......1-Q...!.
0010: F3 6D C8 0F .m..
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 45 EB A2 AF F4 92 CB 82 31 2D 51 8B A7 A7 21 9D E.......1-Q...!.
0010: F3 6D C8 0F .m..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA1withRSA",
"issuer" : "OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US",
"not before" : "2004-06-29 13:06:20.000 CLT",
"not after" : "2034-06-29 13:06:20.000 CLT",
"subject" : "OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11 71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3 .j..
]
[OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US]
SerialNumber: [ 00]
]
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D2 C4 B0 D2 91 D4 4C 11 71 B3 61 CB 3D A1 FE DD ......L.q.a.=...
0010: A8 6A D4 E3 .j..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE",
"not before" : "2000-05-30 06:48:38.000 CLT",
"not after" : "2020-05-30 06:48:38.000 CLT",
"subject" : "CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
[CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00CAE91B89F155030DA3E6416DC4E3A6E1",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Certigna Root CA, OU=0002 48146308100036, O=Dhimyotis, C=FR",
"not before" : "2013-10-01 05:32:27.000 CLST",
"not after" : "2033-10-01 05:32:27.000 CLST",
"subject" : "CN=Certigna Root CA, OU=0002 48146308100036, O=Dhimyotis, C=FR",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 18 87 56 E0 6E 77 EE 24 35 3C 4E 73 9A 1F D6 E1 ..V.nw.$5<Ns....
0010: E2 79 7E 2B .y.+
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.certigna.fr/certignarootca.crl]
, DistributionPoint:
[URIName: http://crl.dhimyotis.com/certignarootca.crl]
]]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 23 68 74 74 70 73 3A 2F 2F 77 77 77 77 2E 63 .#https://wwww.c
0010: 65 72 74 69 67 6E 61 2E 66 72 2F 61 75 74 6F 72 ertigna.fr/autor
0020: 69 74 65 73 2F ites/

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 18 87 56 E0 6E 77 EE 24   35 3C 4E 73 9A 1F D6 E1  ..V.nw.$5<Ns....
    0010: E2 79 7E 2B                                        .y.+
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "0203E5936F31B01349886BA217",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=GTS Root R1, O=Google Trust Services LLC, C=US",
"not before" : "2016-06-21 20:00:00.000 CLT",
"not after" : "2036-06-21 20:00:00.000 CLT",
"subject" : "CN=GTS Root R1, O=Google Trust Services LLC, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E4 AF 2B 26 71 1A 2B 48 27 85 2F 52 66 2C EF F0 ..+&q.+H'./Rf,..
0010: 89 13 71 3E ..q>
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE",
"not before" : "2008-10-01 06:29:56.000 CLT",
"not after" : "2033-10-01 20:59:59.000 CLST",
"subject" : "CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B5 03 F7 76 3B 61 82 6A 12 AA 18 53 EB 03 21 94 ...v;a.j...S..!.
0010: BF FE CE CA ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00DBBE982D89B77B93",
"signature algorithm": "SHA256withRSA",
"issuer" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US",
"not before" : "2014-12-18 21:27:55.000 CLST",
"not after" : "2042-05-05 20:27:55.000 CLT",
"subject" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B9 B7 DD 4A CD C3 0E 0C 86 9D 5D DF EC 1C 04 69 ...J......]....i
0010: C5 4E 98 DF .N..
]
[EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US]
SerialNumber: [ dbbe982d 89b77b93]
]
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B9 B7 DD 4A CD C3 0E 0C 86 9D 5D DF EC 1C 04 69 ...J......]....i
0010: C5 4E 98 DF .N..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "055556BCF25EA43535C3A40FD5AB4572",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2013-08-01 08:00:00.000 CLT",
"not after" : "2038-01-15 09:00:00.000 CLST",
"subject" : "CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B3 DB 48 A4 F9 A1 C5 D8 AE 36 41 CC 11 63 69 62 ..H......6A..cib
0010: 29 BC 4B C6 ).K.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "008E0FF94B907168653354F4D44439B7E0",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Certainly Root R1, O=Certainly, C=US",
"not before" : "2021-03-31 21:00:00.000 CLST",
"not after" : "2046-03-31 21:00:00.000 CLST",
"subject" : "CN=Certainly Root R1, O=Certainly, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E0 AA 3F 25 8D 9F 44 5C C1 3A E8 2E AE 77 4C 84 ..?%..D.:...wL.
0010: 3E 67 0C F4 >g..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "08F9B478A8FA7EDA6A333789DE7CCF8A",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=DigiCert TLS RSA4096 Root G5, O="DigiCert, Inc.", C=US",
"not before" : "2021-01-14 21:00:00.000 CLST",
"not after" : "2046-01-14 20:59:59.000 CLST",
"subject" : "CN=DigiCert TLS RSA4096 Root G5, O="DigiCert, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 51 33 1C ED 36 40 AF 17 D3 25 CD 69 68 F2 AF 4E Q3..6@...%.ih..N
0010: 23 3E B3 41 #>.A
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "11D2BBB9D723189E405F0A9D2DD0DF2567D1",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=GlobalSign Root R46, O=GlobalSign nv-sa, C=BE",
"not before" : "2019-03-19 21:00:00.000 CLST",
"not after" : "2046-03-19 21:00:00.000 CLST",
"subject" : "CN=GlobalSign Root R46, O=GlobalSign nv-sa, C=BE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 03 5C AB 73 81 87 A8 CC B0 A6 D5 94 E2 36 96 49 ..s.........6.I
0010: FF 05 99 2C ...,
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "023456",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=GeoTrust Global CA, O=GeoTrust Inc., C=US",
"not before" : "2002-05-21 24:00:00.000 CLT",
"not after" : "2022-05-21 24:00:00.000 CLT",
"subject" : "CN=GeoTrust Global CA, O=GeoTrust Inc., C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "4EB200670C035D4F",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH",
"not before" : "2006-10-25 05:36:00.000 CLST",
"not after" : "2036-10-25 05:36:00.000 CLST",
"subject" : "CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 50 AF CC 07 87 15 47 6F 38 C5 B4 65 D1 DE 95 AA P.....Go8..e....
0010: E9 DF 9C CC ....
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.1.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 . http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 50 AF CC 07 87 15 47 6F   38 C5 B4 65 D1 DE 95 AA  P.....Go8..e....
    0010: E9 DF 9C CC                                        ....
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "605949E0262EBB55F90A778A71F94AD86C",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5",
"not before" : "2012-11-12 21:00:00.000 CLST",
"not after" : "2038-01-19 24:14:07.000 CLST",
"subject" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3D E6 29 48 9B EA 07 CA 21 44 4A 26 DE 6E DE D2 =.)H....!DJ&.n..
0010: 83 D0 9F 59 ...Y
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US",
"not before" : "2009-08-31 20:00:00.000 CLT",
"not after" : "2037-12-31 20:59:59.000 CLST",
"subject" : "CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C 0C 32 1F A7 D9 30 7F C4 7D 68 A3 62 A8 A1 CE ..2...0...h.b...
0010: AB 07 5B 27 ..['
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00864DBF0FE35ED77D8ED8",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=emSign Root CA - G2, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN",
"not before" : "2018-02-18 15:30:00.000 CLST",
"not after" : "2043-02-18 15:30:00.000 CLST",
"subject" : "CN=emSign Root CA - G2, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: ED EC 4D 45 61 18 28 E7 B3 23 28 11 1C 4D A5 27 ..MEa.(..#(..M.'
0010: 0D 5E EC F4 .^..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "3863DEF8",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net",
"not before" : "1999-12-24 14:50:51.000 CLST",
"not after" : "2029-07-24 10:15:12.000 CLT",
"subject" : "CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 55 E4 81 D1 11 80 BE D8 89 B9 08 A3 31 F9 A1 24 U...........1..$
0010: 09 16 B9 70 ...p
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0A0142800000014523CF467C00000002",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US",
"not before" : "2014-01-16 14:53:32.000 CLST",
"not after" : "2034-01-16 14:53:32.000 CLST",
"subject" : "CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 71 E0 9E D8 A7 42 D9 DB 71 91 6B 94 93 EB C3 .q....B..q.k....
0010: A3 D1 14 A3 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0095BE16A0F72E46F17B398272FA8BCD96",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=TeliaSonera Root CA v1, O=TeliaSonera",
"not before" : "2007-10-18 09:00:50.000 CLST",
"not after" : "2032-10-18 09:00:50.000 CLST",
"subject" : "CN=TeliaSonera Root CA v1, O=TeliaSonera",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F0 8F 59 38 00 B3 F5 8F 9A 96 0C D5 EB FA 7B AA ..Y8............
0010: 17 E8 13 12 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "344ED55720D5EDEC49F42FCE37DB2B6D",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US",
"not before" : "2006-11-16 21:00:00.000 CLST",
"not after" : "2036-07-16 19:59:59.000 CLT",
"subject" : "CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7B 5B 45 CF AF CE CB 7A FD 31 92 1A 6A B6 F3 46 .[E....z.1..j..F
0010: EB 57 48 50 .WHP
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US",
"not before" : "2009-08-31 20:00:00.000 CLT",
"not after" : "2037-12-31 20:59:59.000 CLST",
"subject" : "CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3A 9A 85 07 10 67 28 B6 EF F6 BD 05 41 6E 20 C1 :....g(.....An .
0010: 94 DA 0F DE ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "2F80FE238C0E220F486712289187ACB3",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"not before" : "2007-11-04 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B3 16 91 FD EE A6 6E E4 B5 2E 49 8F 87 78 81 80 ......n...I..x..
0010: EC E5 B1 B5 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "456B5054",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US",
"not before" : "2006-11-27 17:23:42.000 CLST",
"not after" : "2026-11-27 17:53:42.000 CLST",
"subject" : "CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.2.840.113533.7.65.0 Criticality=false
},
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 68 90 E4 67 A4 A6 53 80 C7 86 66 A4 F1 F7 4B 43 h..g..S...f...KC
0010: FB 84 BD 6D ...m
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.16 Criticality=false
PrivateKeyUsage: [
From: Mon Nov 27 17:23:42 CLST 2006, To: Fri Nov 27 17:53:42 CLST 2026]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 68 90 E4 67 A4 A6 53 80 C7 86 66 A4 F1 F7 4B 43 h..g..S...f...KC
0010: FB 84 BD 6D ...m
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0203E5B882EB20F825276D3D66",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=GTS Root R3, O=Google Trust Services LLC, C=US",
"not before" : "2016-06-21 20:00:00.000 CLT",
"not after" : "2036-06-21 20:00:00.000 CLT",
"subject" : "CN=GTS Root R3, O=Google Trust Services LLC, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C1 F1 26 BA A0 2D AE 85 81 CF D3 F1 2A 12 BD B8 ..&..-......*...
0010: 0A 67 FD BC .g..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0E3C7AA37F384D6F5A1AA29FAEFD08DC",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US",
"not before" : "2024-07-02 20:00:00.000 CLT",
"not after" : "2025-07-22 19:59:59.000 CLT",
"subject" : "CN=sentry.io, O=Sentry, L=San Francisco, ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
},
{
ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
,
accessMethod: caIssuers
accessLocation: URIName: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
]
]
},
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 74 85 80 C0 66 C7 DF 37 DE CF BD 29 37 AA 03 1D t...f..7...)7...
0010: BE ED CD 17 ....
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl]
, DistributionPoint:
[URIName: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl]
]]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.23.140.1.2.2]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 3A 2F 2F 77 77 77 2E 64 69 67 ..http://www.dig
0010: 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 icert.com/CPS

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.37 Criticality=false
    ExtendedKeyUsages [
      serverAuth
      clientAuth
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      DigitalSignature
      Key_Encipherment
    ]
  },
  {
    ObjectId: 2.5.29.17 Criticality=false
    SubjectAlternativeName [
      DNSName: sentry.io
      DNSName: *.sentry.io
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: E0 A6 D1 AF 9C B2 52 5F   4F BC E3 D2 0E 43 03 1B  ......R_O....C..
    0010: B5 50 78 C1                                        .Px.
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "0B931C3AD63967EA6723BFC3AF9AF44B",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2013-08-01 08:00:00.000 CLT",
"not after" : "2038-01-15 09:00:00.000 CLST",
"subject" : "CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: CE C3 4A B9 99 55 F2 B8 DB 60 BF A9 7E BD 56 B5 ..J..U...`....V.
0010: 97 36 A7 D6 .6..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "7B2C9BD316803299",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US",
"not before" : "2016-02-12 14:39:39.000 CLST",
"not after" : "2041-02-12 14:39:39.000 CLST",
"subject" : "CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: DD 04 09 07 A2 F5 7A 7D 52 53 12 92 95 EE 38 80 ......z.RS....8.
0010: 25 0D A6 59 %..Y
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: DD 04 09 07 A2 F5 7A 7D 52 53 12 92 95 EE 38 80 ......z.RS....8.
0010: 25 0D A6 59 %..Y
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "066C9FD7C1BB104C2943E5717B7B2CC81AC10E",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=Amazon Root CA 4, O=Amazon, C=US",
"not before" : "2015-05-25 21:00:00.000 CLST",
"not after" : "2040-05-25 20:00:00.000 CLT",
"subject" : "CN=Amazon Root CA 4, O=Amazon, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D3 EC C7 3A 65 6E CC E1 DA 76 9A 56 FB 9C F3 86 ...:en...v.V....
0010: 6D 57 E5 81 mW..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "45E6BB038333C3856548E6FF4551",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6",
"not before" : "2014-12-09 21:00:00.000 CLST",
"not after" : "2034-12-09 21:00:00.000 CLST",
"subject" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AE 6C 05 A3 93 13 E2 A2 E7 E2 D7 1C D6 C7 F0 7F .l..............
0010: C8 67 53 A0 .gS.
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AE 6C 05 A3 93 13 E2 A2 E7 E2 D7 1C D6 C7 F0 7F .l..............
0010: C8 67 53 A0 .gS.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "010020",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Certum CA, O=Unizeto Sp. z o.o., C=PL",
"not before" : "2002-06-11 06:46:39.000 CLT",
"not after" : "2027-06-11 06:46:39.000 CLT",
"subject" : "CN=Certum CA, O=Unizeto Sp. z o.o., C=PL",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE",
"not before" : "2000-05-30 06:44:50.000 CLT",
"not after" : "2020-05-30 06:44:50.000 CLT",
"subject" : "CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 39 95 8B 62 8B 5C C9 D4 80 BA 58 0F 97 3F 15 08 9..b.....X..?..
0010: 43 CC 98 A7 C...
]
[CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 39 95 8B 62 8B 5C C9 D4 80 BA 58 0F 97 3F 15 08 9..b.....X..?..
0010: 43 CC 98 A7 C...
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "02",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO",
"not before" : "2010-10-26 05:38:03.000 CLST",
"not after" : "2040-10-26 05:38:03.000 CLST",
"subject" : "CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C9 80 77 E0 62 92 82 F5 46 9C F3 BA F7 4C C3 DE ..w.b...F....L..
0010: B8 A3 AD 39 ...9
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0983F4",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE",
"not before" : "2009-11-05 05:50:46.000 CLST",
"not after" : "2029-11-05 05:50:46.000 CLST",
"subject" : "CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA%202%20EV%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist]
, DistributionPoint:
[URIName: http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_ev_2009.crl]
]]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D3 94 8A 4C 62 13 2A 19 2E CC AF 72 8A 7D 36 D7 ...Lb.....r..6.
0010: 9A 1C DC 67 ...g
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0BA15AFA1DDFA0B54944AFCD24A06CEC",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US",
"not before" : "2013-08-01 08:00:00.000 CLT",
"not after" : "2038-01-15 09:00:00.000 CLST",
"subject" : "CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: CB D0 BD A9 E1 98 05 51 A1 4D 37 A2 83 79 CE 8D .......Q.M7..y..
0010: 1D 2A E4 84 ...
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00BB401C43F55E4FB0",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH",
"not before" : "2006-10-25 05:30:35.000 CLST",
"not after" : "2036-10-25 05:30:35.000 CLST",
"subject" : "CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 5B 25 7B 96 A4 65 51 7E B8 39 F3 C0 78 66 5E E8 [%...eQ..9..xf^.
0010: 3A E7 F0 EE :...
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.756.1.89.1.2.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 20 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 . http://reposit
0010: 6F 72 79 2E 73 77 69 73 73 73 69 67 6E 2E 63 6F ory.swisssign.co
0020: 6D 2F m/

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 5B 25 7B 96 A4 65 51 7E   B8 39 F3 C0 78 66 5E E8  [%...eQ..9..xf^.
    0010: 3A E7 F0 EE                                        :...
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "5C8B99C55A94C5D27156DECD8980CC26",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"not before" : "2010-01-31 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3A E1 09 86 D4 CF 19 C2 96 76 74 49 76 DC E0 35 :........vtIv..5
0010: C6 63 63 9A .cc.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "06CEE131BE6D55C807F7C0C7FB44E620",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=DigiCert CS RSA4096 Root G5, O="DigiCert, Inc.", C=US",
"not before" : "2021-01-14 21:00:00.000 CLST",
"not after" : "2046-01-14 20:59:59.000 CLST",
"subject" : "CN=DigiCert CS RSA4096 Root G5, O="DigiCert, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 68 01 93 B1 D2 4A 40 42 69 94 46 2C 1C 5A 88 A9 h....J@Bi.F,.Z..
0010: 25 B4 47 4F %.GO
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0A0142800000014523C844B500000002",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US",
"not before" : "2014-01-16 15:12:23.000 CLST",
"not after" : "2034-01-16 15:12:23.000 CLST",
"subject" : "CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: ED 44 19 C0 D3 F0 06 8B EE A4 7B BE 42 E7 26 54 .D..........B.&T
0010: C8 8E 36 76 ..6v
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0509",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM",
"not before" : "2006-11-24 15:27:00.000 CLST",
"not after" : "2031-11-24 15:23:33.000 CLST",
"subject" : "CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 1A 84 62 BC 48 4C 33 25 04 D4 EE D0 F6 03 C4 19 ..b.HL3%........
0010: 46 D1 94 6B F..k
]
[CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM]
SerialNumber: [ 0509]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 1A 84 62 BC 48 4C 33 25 04 D4 EE D0 F6 03 C4 19 ..b.HL3%........
0010: 46 D1 94 6B F..k
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "7F9FEF6FBAA261C59E3E535C80FAB3F0",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN="Zscaler Intermediate Root CA (zscalertwo.net) (t) ", OU=Zscaler Inc., O=Zscaler Inc., ST=California, C=US",
"not before" : "2024-07-19 23:45:30.000 CLT",
"not after" : "2024-08-02 23:45:30.000 CLT",
"subject" : "CN=*.spring.io, O=VMware LLC, L=Palo Alto, ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://gateway.zscalertwo.net/zscaler-zscrl--4-1.crl]
]]
},
{
ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
},
{
ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: *.spring.io
DNSName: spring.io
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0983F3",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE",
"not before" : "2009-11-05 05:35:58.000 CLST",
"not after" : "2029-11-05 05:35:58.000 CLST",
"subject" : "CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA%202%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist]
, DistributionPoint:
[URIName: http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_2009.crl]
]]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FD DA 14 C4 9F 30 DE 21 BD 1E 42 39 FC AB 63 23 .....0.!..B9..c#
0010: 49 E0 F1 84 I...
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "78585F2EAD2C194BE3370735341328B596D46593",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM",
"not before" : "2012-01-12 14:27:44.000 CLST",
"not after" : "2042-01-12 14:27:44.000 CLST",
"subject" : "CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A3 97 D6 F3 5E A2 10 E1 AB 45 9F 3C 17 64 3C EE ....^....E.<.d<.
0010: 01 70 9C CC .p..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "01FD6D30FCA3CA51A81BBC640E35032D",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"not before" : "2010-01-31 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 53 79 BF 5A AA 2B 4A CF 54 80 E1 D8 9B C0 9D F2 Sy.Z.+J.T.......
0010: B2 03 66 CB ..f.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "18DAD19E267DE8BB4A2158CDCC6B3B4A",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"not before" : "2006-11-07 21:00:00.000 CLST",
"not after" : "2036-07-16 19:59:59.000 CLT",
"subject" : "CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7F D3 65 A7 C2 DD EC BB F0 30 09 F3 43 39 FA 02 ..e......0..C9..
0010: AF 33 31 33 .313
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "05C6",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM",
"not before" : "2006-11-24 16:11:23.000 CLST",
"not after" : "2031-11-24 16:06:44.000 CLST",
"subject" : "CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F2 C0 13 E0 82 43 3E FB EE 2F 67 32 96 35 5C DB .....C>../g2.5.
0010: B8 CB 02 D0 ....
]
[CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM]
SerialNumber: [ 05c6]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.8024.0.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 86 1A 81 83 41 6E 79 20 75 73 65 20 6F 66 0.....Any use of
0010: 20 74 68 69 73 20 43 65 72 74 69 66 69 63 61 74 this Certificat
0020: 65 20 63 6F 6E 73 74 69 74 75 74 65 73 20 61 63 e constitutes ac
0030: 63 65 70 74 61 6E 63 65 20 6F 66 20 74 68 65 20 ceptance of the
0040: 51 75 6F 56 61 64 69 73 20 52 6F 6F 74 20 43 41 QuoVadis Root CA
0050: 20 33 20 43 65 72 74 69 66 69 63 61 74 65 20 50 3 Certificate P
0060: 6F 6C 69 63 79 20 2F 20 43 65 72 74 69 66 69 63 olicy / Certific
0070: 61 74 69 6F 6E 20 50 72 61 63 74 69 63 65 20 53 ation Practice S
0080: 74 61 74 65 6D 65 6E 74 2E tatement.

    ], PolicyQualifierInfo: [
      qualifierID: 1.3.6.1.5.5.7.2.1
      qualifier: 0000: 16 21 68 74 74 70 3A 2F   2F 77 77 77 2E 71 75 6F  .!http://www.quo
    0010: 76 61 64 69 73 67 6C 6F   62 61 6C 2E 63 6F 6D 2F  vadisglobal.com/
    0020: 63 70 73                                           cps
    
    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=false
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: F2 C0 13 E0 82 43 3E FB   EE 2F 67 32 96 35 5C DB  .....C>../g2.5\.
    0010: B8 CB 02 D0                                        ....
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "00",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US",
"not before" : "2009-08-31 20:00:00.000 CLT",
"not after" : "2037-12-31 20:59:59.000 CLST",
"subject" : "CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 9C 5F 00 DF AA 01 D7 30 2B 38 88 A2 B8 6D 4A 9C ._.....0+8...mJ.
0010: F2 11 91 83 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "066C9FD5749736663F3B0B9AD9E89E7603F24A",
"signature algorithm": "SHA256withECDSA",
"issuer" : "CN=Amazon Root CA 3, O=Amazon, C=US",
"not before" : "2015-05-25 21:00:00.000 CLST",
"not after" : "2040-05-25 20:00:00.000 CLT",
"subject" : "CN=Amazon Root CA 3, O=Amazon, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AB B6 DB D7 06 9E 37 AC 30 86 07 91 70 C7 9C C4 ......7.0...p...
0010: 19 B1 78 C0 ..x.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "11D2BBBA336ED4BCE62468C50D841D98E843",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=GlobalSign Root E46, O=GlobalSign nv-sa, C=BE",
"not before" : "2019-03-19 21:00:00.000 CLST",
"not after" : "2046-03-19 21:00:00.000 CLST",
"subject" : "CN=GlobalSign Root E46, O=GlobalSign nv-sa, C=BE",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 31 0A 90 8F B6 C6 9D D2 44 4B 80 B5 A2 E6 1F B1 1.......DK......
0010: 12 4F 1B 95 .O..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "1ED397095FD8B4B347701EAABE7F45B3",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=Microsoft RSA Root Certificate Authority 2017, O=Microsoft Corporation, C=US",
"not before" : "2019-12-18 19:51:22.000 CLST",
"not after" : "2042-07-18 19:00:23.000 CLT",
"subject" : "CN=Microsoft RSA Root Certificate Authority 2017, O=Microsoft Corporation, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 09 CB 59 7F 86 B2 70 8F 1A C3 39 E3 C0 D9 E9 BF ..Y...p...9.....
0010: BB 4D B2 23 .M.#
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "2EF59B0228A7DB7AFFD5A3A9EEBD03A0CF126A1D",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM",
"not before" : "2012-01-12 17:26:32.000 CLST",
"not after" : "2042-01-12 17:26:32.000 CLST",
"subject" : "CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C6 17 D0 BC A8 EA 02 43 F2 1B 06 99 5D 2B 90 20 .......C....]+.
0010: B9 D7 9C E4 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "570A119742C4E3CC",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT",
"not before" : "2011-09-22 08:22:02.000 CLST",
"not after" : "2030-09-22 08:22:02.000 CLST",
"subject" : "CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 52 D8 88 3A C8 9F 78 66 ED 89 F3 7B 38 70 94 C9 R..:..xf....8p..
0010: 02 02 36 D0 ..6.
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 52 D8 88 3A C8 9F 78 66 ED 89 F3 7B 38 70 94 C9 R..:..xf....8p..
0010: 02 02 36 D0 ..6.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "03698FE712D519F3CED0FDB7B1643011",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=DigiCert CS ECC P384 Root G5, O="DigiCert, Inc.", C=US",
"not before" : "2021-01-14 21:00:00.000 CLST",
"not after" : "2046-01-14 20:59:59.000 CLST",
"subject" : "CN=DigiCert CS ECC P384 Root G5, O="DigiCert, Inc.", C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F0 8C 98 71 39 38 65 C2 3A 1B A6 17 66 1D C8 ED ...q98e.:...f...
0010: 65 DE 92 36 e..6
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00FEDCE3010FC948FF",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Certigna, O=Dhimyotis, C=FR",
"not before" : "2007-06-29 11:13:05.000 CLT",
"not after" : "2027-06-29 11:13:05.000 CLT",
"subject" : "CN=Certigna, O=Dhimyotis, C=FR",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 1A ED FE 41 39 90 B4 24 59 BE 01 F2 52 D5 45 F6 ...A9..$Y...R.E.
0010: 5A 39 DC 11 Z9..
]
[CN=Certigna, O=Dhimyotis, C=FR]
SerialNumber: [ fedce301 0fc948ff]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 1A ED FE 41 39 90 B4 24 59 BE 01 F2 52 D5 45 F6 ...A9..$Y...R.E.
0010: 5A 39 DC 11 Z9..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "0203E5AEC58D04251AAB1125AA",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=GTS Root R2, O=Google Trust Services LLC, C=US",
"not before" : "2016-06-21 20:00:00.000 CLT",
"not after" : "2036-06-21 20:00:00.000 CLT",
"subject" : "CN=GTS Root R2, O=Google Trust Services LLC, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: BB FF CA 8E 23 9F 4F 99 CA DB E2 68 A6 A5 15 27 ....#.O....h...'
0010: 17 1E D9 0E ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "3AB6508B",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM",
"not before" : "2001-03-19 14:33:33.000 CLT",
"not after" : "2021-03-17 15:33:33.000 CLST",
"subject" : "CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: https://ocsp.quovadisoffshore.com
]
]
},
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 8B 4B 6D ED D3 29 B9 06 19 EC 39 39 A9 F0 97 84 .Km..)....99....
0010: 6A CB EF DF j...
]
[CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM]
SerialNumber: [ 3ab6508b]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.8024.0.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 C7 1A 81 C4 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o
0010: 6E 20 74 68 65 20 51 75 6F 56 61 64 69 73 20 52 n the QuoVadis R
0020: 6F 6F 74 20 43 65 72 74 69 66 69 63 61 74 65 20 oot Certificate
0030: 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 73 by any party ass
0040: 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 20 umes acceptance
0050: 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 6C of the then appl
0060: 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 20 icable standard
0070: 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 74 terms and condit
0080: 69 6F 6E 73 20 6F 66 20 75 73 65 2C 20 63 65 72 ions of use, cer
0090: 74 69 66 69 63 61 74 69 6F 6E 20 70 72 61 63 74 tification pract
00A0: 69 63 65 73 2C 20 61 6E 64 20 74 68 65 20 51 75 ices, and the Qu
00B0: 6F 56 61 64 69 73 20 43 65 72 74 69 66 69 63 61 oVadis Certifica
00C0: 74 65 20 50 6F 6C 69 63 79 2E te Policy.

    ], PolicyQualifierInfo: [
      qualifierID: 1.3.6.1.5.5.7.2.1
      qualifier: 0000: 16 16 68 74 74 70 3A 2F   2F 77 77 77 2E 71 75 6F  ..http://www.quo
    0010: 76 61 64 69 73 2E 62 6D                            vadis.bm
    
    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 8B 4B 6D ED D3 29 B9 06   19 EC 39 39 A9 F0 97 84  .Km..)....99....
    0010: 6A CB EF DF                                        j...
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "02",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO",
"not before" : "2010-10-26 05:28:58.000 CLST",
"not after" : "2040-10-26 05:28:58.000 CLST",
"subject" : "CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 47 B8 CD FF E5 6F EE F8 B2 EC 2F 4E 0E F9 25 B0 G....o..../N..%.
0010: 8E 3C 6B C3 .<k.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "35FC265CD9844FC93D263D579BAED756",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US",
"not before" : "2007-11-04 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 9A D8 00 30 00 E7 6B 7F 85 18 EE 8B B6 CE 8A 0C ...0..k.........
0010: F8 11 E1 BB ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "41D29DD172EAEEA780C12C6CE92F8752",
"signature algorithm": "SHA384withECDSA",
"issuer" : "CN=ISRG Root X2, O=Internet Security Research Group, C=US",
"not before" : "2020-09-03 20:00:00.000 CLT",
"not after" : "2040-09-17 13:00:00.000 CLST",
"subject" : "CN=ISRG Root X2, O=Internet Security Research Group, C=US",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7C 42 96 AE DE 4B 48 3B FA 92 F8 9E 8C CF 6D 8B .B...KH;......m.
0010: A9 72 37 95 .r7.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "401AC46421B31321030EBBE4121AC51D",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"not before" : "2008-04-01 20:00:00.000 CLT",
"not after" : "2037-12-01 20:59:59.000 CLST",
"subject" : "CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B6 77 FA 69 48 47 9F 53 12 D5 C2 EA 07 32 76 07 .w.iHG.S.....2v.
0010: D1 97 07 19 ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "066C9FCF99BF8C0A39E2F0788A43E696365BCA",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=Amazon Root CA 1, O=Amazon, C=US",
"not before" : "2015-05-25 21:00:00.000 CLST",
"not after" : "2038-01-16 21:00:00.000 CLST",
"subject" : "CN=Amazon Root CA 1, O=Amazon, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 84 18 CC 85 34 EC BC 0C 94 94 2E 08 59 9C C7 B2 ....4.......Y...
0010: 10 4E 0A 08 .N..
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "066C9FD29635869F0A0FE58678F85B26BB8A37",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=Amazon Root CA 2, O=Amazon, C=US",
"not before" : "2015-05-25 21:00:00.000 CLST",
"not after" : "2040-05-25 20:00:00.000 CLT",
"subject" : "CN=Amazon Root CA 2, O=Amazon, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B0 0C F0 4C 30 F4 05 58 02 48 FD 33 E5 52 AF 4B ...L0..X.H.3.R.K
0010: 84 E3 66 52 ..fR
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "2A38A41C960A04DE42B228A50BE8349802",
"signature algorithm": "SHA256withECDSA",
"issuer" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4",
"not before" : "2012-11-12 21:00:00.000 CLST",
"not after" : "2038-01-19 24:14:07.000 CLST",
"subject" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4",
"subject public key" : "EC",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 54 B0 7B AD 45 B8 E2 40 7F FB 0A 6E FB BE 33 C9 T...E..@...n..3.
0010: 3C A3 84 D5 <...
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "00C9CDD3E9D57D23CE",
"signature algorithm": "SHA1withRSA",
"issuer" : "CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU",
"not before" : "2008-08-01 08:31:40.000 CLT",
"not after" : "2038-07-31 08:31:40.000 CLT",
"subject" : "CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B9 09 CA 9C 1E DB D3 6C 3A 6B AE ED 54 F1 5B 93 .......l:k..T.[.
0010: 06 35 2E 5E .5.^
]
[CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU]
SerialNumber: [ c9cdd3e9 d57d23ce]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:12
]
},
{
ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 3A 2F 2F 70 6F 6C 69 63 79 2E ..http://policy.
0010: 63 61 6D 65 72 66 69 72 6D 61 2E 63 6F 6D camerfirma.com

    ]]  ]
    ]
  },
  {
    ObjectId: 2.5.29.15 Criticality=true
    KeyUsage [
      Key_CertSign
      Crl_Sign
    ]
  },
  {
    ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: B9 09 CA 9C 1E DB D3 6C   3A 6B AE ED 54 F1 5B 93  .......l:k..T.[.
    0010: 06 35 2E 5E                                        .5.^
    ]
    ]
  }
]},

"certificate" : {
"version" : "v3",
"serial number" : "4CAAF9CADB636FE01FF74ED85B03869D",
"signature algorithm": "SHA384withRSA",
"issuer" : "CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB",
"not before" : "2010-01-18 21:00:00.000 CLST",
"not after" : "2038-01-18 20:59:59.000 CLST",
"subject" : "CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..
0010: D9 32 32 D4 .22.
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "600197B746A7EAB4B49AD64B2FF790FB",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US",
"not before" : "2008-04-01 20:00:00.000 CLT",
"not after" : "2037-12-01 20:59:59.000 CLST",
"subject" : "CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AD 6C AA 94 60 9C ED E4 FF FA 3E 0A 74 2B 63 03 .l.......>.t+c. 0010: F7 B6 59 BF ..Y. ] ] } ]}, "certificate" : { "version" : "v3", "serial number" : "66F23DAF87DE8BB14AEA0C573101C2EC", "signature algorithm": "SHA384withECDSA", "issuer" : "CN=Microsoft ECC Root Certificate Authority 2017, O=Microsoft Corporation, C=US", "not before" : "2019-12-18 20:06:45.000 CLST", "not after" : "2042-07-18 19:16:04.000 CLT", "subject" : "CN=Microsoft ECC Root Certificate Authority 2017, O=Microsoft Corporation, C=US", "subject public key" : "EC", "extensions" : [ { ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false }, { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen: no limit ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: C8 CB 99 72 70 52 0C F8 E6 BE B2 04 57 29 2A CF ...rpR......W)*. 0010: 42 10 ED 35 B..5 ] ] } ]}, "certificate" : { "version" : "v3", "serial number" : "7497258AC73F7A54", "signature algorithm": "SHA384withECDSA", "issuer" : "CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US", "not before" : "2010-01-29 11:20:24.000 CLST", "not after" : "2040-12-31 11:20:24.000 CLST", "subject" : "CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US", "subject public key" : "EC", "extensions" : [ { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen: no limit ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 9A AF 29 7A C0 11 35 35 26 51 30 00 C3 6A FE 40 ..)z..55&Q0..j.@ 0010: D5 AE D6 3C ...< ] ] } ]}, "certificate" : { "version" : "v3", "serial number" : "01", "signature algorithm": "SHA256withRSA", "issuer" : "CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE", "not before" : "2008-10-01 06:40:14.000 CLT", "not after" : "2033-10-01 20:59:59.000 CLST", "subject" : "CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE", "subject public key" : "RSA", "extensions" : [ { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen: no limit ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: BF 59 20 36 00 79 A0 A0 22 6B 8C D5 F2 61 D2 B8 .Y 6.y.."k...a.. 0010: 2C CB 82 4A ,..J ] ] } ]}, "certificate" : { "version" : "v3", "serial number" : "033AF1E6A711A9A0BB2864B11D09FAE5", "signature algorithm": "SHA256withRSA", "issuer" : "CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US", "not before" : "2013-08-01 08:00:00.000 CLT", "not after" : "2038-01-15 09:00:00.000 CLST", "subject" : "CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US", "subject public key" : "RSA", "extensions" : [ { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen: no limit ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 4E 22 54 20 18 95 E6 E3 6E E6 0F FA FA B9 12 ED N"T ....n....... 0010: 06 17 8F 39 ...9 ] ] } ]} ) javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.811 CLST|Utilities.java:74|the previous server name in SNI (type=host_name (0), value=o4508846212186115.ingest.us.sentry.io) was replaced with (type=host_name (0), value=o4508846212186115.ingest.us.sentry.io) javax.net.ssl|INFO|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.822 CLST|AlpnExtension.java:179|No available application protocols javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.822 CLST|SSLExtensions.java:272|Ignore, context unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.823 CLST|SessionTicketExtension.java:352|Stateless resumption supported javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.823 CLST|SSLExtensions.java:272|Ignore, context unavailable extension: cookie javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.861 CLST|SSLExtensions.java:272|Ignore, context unavailable extension: renegotiation_info javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.862 CLST|PreSharedKeyExtension.java:659|No session to resume. javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.862 CLST|SSLExtensions.java:272|Ignore, context unavailable extension: pre_shared_key javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:28.865 CLST|ClientHello.java:640|Produced ClientHello handshake message ( "ClientHello": { "client version" : "TLSv1.2", "random" : "A50826112773A057BF6A49BE7D3A474D86E58D3A1EE99CD8DB28D836829B812E", "session id" : "9210B833122B746CE7AADF8D39A2ADB4024A3014D9494BCE36D85CF5000A8527", "cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]", "compression methods" : "00", "extensions" : [ "server_name (0)": { type=host_name (0), value=o4508846212186115.ingest.us.sentry.io }, "status_request (5)": { "certificate status type": ocsp "OCSP status request": { "responder_id": <empty> "request extensions": { <empty> } } }, "supported_groups (10)": { "named groups": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192] }, "ec_point_formats (11)": { "formats": [uncompressed] }, "status_request_v2 (17)": { "cert status request": { "certificate status type": ocsp_multi "OCSP status request": { "responder_id": <empty> "request extensions": { <empty> } } } }, "extended_master_secret (23)": { <empty> }, "session_ticket (35)": { <empty> }, "signature_algorithms (13)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "supported_versions (43)": { "versions": [TLSv1.3, TLSv1.2] }, "psk_key_exchange_modes (45)": { "ke_modes": [psk_dhe_ke] }, "signature_algorithms_cert (50)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "key_share (51)": { "client_shares": [ { "named group": x25519 "key_exchange": { 0000: A1 12 19 E9 97 A4 3C C3 4F A2 BF 3F E1 C3 07 E8 ......<.O..?.... 0010: 4D 9E 76 A2 DE 6C 5F 8F 71 02 67 3F 3B 41 0A 21 M.v..l_.q.g?;A.! } }, { "named group": secp256r1 "key_exchange": { 0000: 04 F1 93 CA A2 6F E7 EC B4 C9 C9 C8 37 55 87 37 .....o......7U.7 0010: BE F3 29 C2 88 DA AE A2 B8 6F 39 A4 CF 0A 3D 1B ..)......o9...=. 0020: D5 14 36 DF CB F3 00 C5 07 02 8C F2 E8 5B 3F FC ..6..........[?. 0030: E5 07 60 EF 50 57 96 2F B8 38 54 5D C9 B4 5A 03 ...PW./.8T]..Z.
0040: 56
}
},
]
}
]
}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.077 CLST|ServerHello.java:883|Consuming ServerHello handshake message (
"ServerHello": {
"server version" : "TLSv1.2",
"random" : "9D9E0B027EE60F334F80CFAE3021DE7F35F19C0EF31B3F28351C2B65F62FF2BE",
"session id" : "9210B833122B746CE7AADF8D39A2ADB4024A3014D9494BCE36D85CF5000A8527",
"cipher suite" : "TLS_AES_256_GCM_SHA384(0x1302)",
"compression methods" : "00",
"extensions" : [
"supported_versions (43)": {
"selected version": [TLSv1.3]
},
"key_share (51)": {
"server_share": {
"named group": secp256r1
"key_exchange": {
0000: 04 A1 FF 84 56 6D 42 5B 77 F2 AF BD CE AC 65 E6 ....VmB[w.....e.
0010: EB 0D D0 22 B9 1E 6B 3F 9B 10 A0 37 2E CF 0C 30 ..."..k?...7...0
0020: 9F 0D F4 62 68 C2 50 FB 57 F8 C6 EA DF E6 FF AD ...bh.P.W.......
0030: 61 77 D0 D9 32 95 F6 34 25 F3 7B 9D 32 9D E5 01 aw..2..4%...2...
0040: AD
}
},
}
]
}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.078 CLST|SSLExtensions.java:204|Consumed extension: supported_versions
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.078 CLST|ServerHello.java:979|Negotiated protocol version: TLSv1.3
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: server_name
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: max_fragment_length
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: status_request
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: ec_point_formats
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: status_request_v2
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: extended_master_secret
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:175|Ignore unsupported extension: session_ticket
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.079 CLST|SSLExtensions.java:204|Consumed extension: supported_versions
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.080 CLST|SSLExtensions.java:204|Consumed extension: key_share
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:175|Ignore unsupported extension: renegotiation_info
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|PreSharedKeyExtension.java:922|Handling pre_shared_key absence.
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: server_name
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: ec_point_formats
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: status_request_v2
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: extended_master_secret
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:219|Ignore unavailable extension: session_ticket
javax.net.ssl|WARNING|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.081 CLST|SSLExtensions.java:227|Ignore impact of unsupported extension: supported_versions
javax.net.ssl|WARNING|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.082 CLST|SSLExtensions.java:227|Ignore impact of unsupported extension: key_share
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.082 CLST|SSLExtensions.java:219|Ignore unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.082 CLST|SSLExtensions.java:219|Ignore unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.089 CLST|SSLCipher.java:1836|KeyLimit read side: algorithm = AES/GCM/NoPadding:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.089 CLST|SSLCipher.java:1987|KeyLimit write side: algorithm = AES/GCM/NoPadding:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.090 CLST|ChangeCipherSpec.java:244|Consuming ChangeCipherSpec message
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|EncryptedExtensions.java:172|Consuming EncryptedExtensions handshake message (
"EncryptedExtensions": [

]
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:185|Ignore unavailable extension: server_name
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:185|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:185|Ignore unavailable extension: supported_groups
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:219|Ignore unavailable extension: server_name
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:219|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:219|Ignore unavailable extension: supported_groups
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.093 CLST|SSLExtensions.java:219|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.099 CLST|CertificateMessage.java:1135|Consuming server Certificate handshake message (
"Certificate": {
"certificate_request_context": "",
"certificate_list": [
{
"certificate" : {
"version" : "v3",
"serial number" : "7FFFBBBB3A5E5C4597B73D24F9B37D21",
"signature algorithm": "SHA256withRSA",
"issuer" : "CN="Zscaler Intermediate Root CA (zscalertwo.net) (t) ", OU=Zscaler Inc., O=Zscaler Inc., ST=California, C=US",
"not before" : "2025-03-11 24:27:07.000 CLST",
"not after" : "2025-03-22 01:07:11.000 CLST",
"subject" : "OU=Zscaler Inc., O=Zscaler Inc., CN=ingest.sentry.io, L=San Francisco, ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: DD 83 4B 6F 8C B3 0E 68 87 8D 9F DC 94 98 59 0F ..Ko...h......Y.
0010: 24 60 F6 86 $.. ] ] }, { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] }, { ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://gateway.zscalertwo.net/zscaler-zscrl--4-1.crl] ]] }, { ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] }, { ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: ingest.sentry.io DNSName: *.ingest.sentry.io DNSName: ingest.us.sentry.io DNSName: *.ingest.us.sentry.io ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 00 91 1E C9 29 0D 18 C7 9A BF 4D 3C DC 9A 94 2C ....).....M<..., 0010: 8E 04 EA 5F ..._ ] ] } ]} "extensions": { <no extension> } }, { "certificate" : { "version" : "v3", "serial number" : "67CBC26F", "signature algorithm": "SHA256withRSA", "issuer" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Intermediate Root CA (zscalertwo.net), OU=Zscaler Inc., O=Zscaler Inc., ST=California, C=US", "not before" : "2025-03-08 01:07:11.000 CLST", "not after" : "2025-03-22 01:07:11.000 CLST", "subject" : "CN="Zscaler Intermediate Root CA (zscalertwo.net) (t) ", OU=Zscaler Inc., O=Zscaler Inc., ST=California, C=US", "subject public key" : "RSA", "extensions" : [ { ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 4D B2 7D 58 40 C4 7F 21 ED 99 DE 99 3F 11 37 11 M..X@..!....?.7. 0010: A5 B3 C8 11 .... ] ] }, { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen: no limit ] }, { ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://gateway.zscalertwo.net/crl/zs2-kek--4-1.crl] ]] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Non_repudiation Key_Encipherment Data_Encipherment Key_Agreement Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: DD 83 4B 6F 8C B3 0E 68 87 8D 9F DC 94 98 59 0F ..Ko...h......Y. 0010: 24 60 F6 86 $..
]
]
}
]}
"extensions": {

}
},
{
"certificate" : {
"version" : "v3",
"serial number" : "0100",
"signature algorithm": "SHA256withRSA",
"issuer" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US",
"not before" : "2020-06-05 01:32:29.000 CLT",
"not after" : "2041-06-23 01:32:29.000 CLT",
"subject" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Intermediate Root CA (zscalertwo.net), OU=Zscaler Inc., O=Zscaler Inc., ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://gateway.zscalertwo.net/crl/zs2-int.crl]
]]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Key_Agreement
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 4D B2 7D 58 40 C4 7F 21 ED 99 DE 99 3F 11 37 11 M..X@..!....?.7.
0010: A5 B3 C8 11 ....
]
]
}
]}
"extensions": {

}
},
]
}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.099 CLST|SSLExtensions.java:185|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.099 CLST|SSLExtensions.java:185|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.099 CLST|SSLExtensions.java:185|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.145 CLST|X509TrustManagerImpl.java:246|Found trusted certificate (
"certificate" : {
"version" : "v3",
"serial number" : "00DBBE982D89B77B93",
"signature algorithm": "SHA256withRSA",
"issuer" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US",
"not before" : "2014-12-18 21:27:55.000 CLST",
"not after" : "2042-05-05 20:27:55.000 CLT",
"subject" : "EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B9 B7 DD 4A CD C3 0E 0C 86 9D 5D DF EC 1C 04 69 ...J......]....i
0010: C5 4E 98 DF .N..
]
[EMAILADDRESS=support@zscaler.com, CN=Zscaler Root CA, OU=Zscaler Inc., O=Zscaler Inc., L=San Jose, ST=California, C=US]
SerialNumber: [ dbbe982d 89b77b93]
]
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B9 B7 DD 4A CD C3 0E 0C 86 9D 5D DF EC 1C 04 69 ...J......]....i
0010: C5 4E 98 DF .N..
]
]
}
]}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.147 CLST|CertificateVerify.java:1169|Consuming CertificateVerify handshake message (
"CertificateVerify": {
"signature algorithm": rsa_pss_rsae_sha256
"signature": {
0000: 63 26 28 C3 C4 BC 60 69 1B 7F 65 36 85 B9 68 48 c&(...i..e6..hH 0010: BC 9F 0C 32 71 D5 60 A7 14 90 04 C7 A3 4F ED 16 ...2q.......O..
0020: 5D D6 B7 8F C0 C2 7D 18 8E C0 69 74 12 C2 17 E7 ].........it....
0030: AE AB 6F 21 F6 95 89 6F 1E C9 08 E4 6F 42 26 09 ..o!...o....oB&.
0040: 29 34 8D E7 1D BC FC ED F1 CB 0C D3 6D 6C BD D3 )4..........ml..
0050: CB 5E D1 9B 1C 79 C3 11 6C 4D 5A 89 61 F3 51 54 .^...y..lMZ.a.QT
0060: 18 60 06 F4 AD 5E 19 5C F3 22 BB 78 A0 19 C2 85 ....^.\.".x.... 0070: AF 97 10 30 D5 6F F9 B3 26 24 82 03 37 5C F8 24 ...0.o..&$..7\.$ 0080: 5A 4A E1 18 82 A6 81 B5 F6 89 0A AD B0 2F 7D BC ZJ.........../.. 0090: 53 45 86 B8 4E 50 2A 13 72 3D 10 85 C3 90 64 B3 SE..NP*.r=....d. 00A0: A9 AE 11 83 4E F9 43 31 D7 7D A3 B2 E7 3C 35 A1 ....N.C1.....<5. 00B0: 59 2D 31 17 80 6A 66 06 DF 81 4E 1E B2 BC EE CF Y-1..jf...N..... 00C0: B4 9D CD BD E8 93 D6 48 B3 B7 12 B0 FA 75 5C 46 .......H.....u\F 00D0: 4A 77 13 22 55 99 5F D1 84 2C 58 F5 32 C6 48 4A Jw."U._..,X.2.HJ 00E0: 52 E6 02 1E 12 0F 8A 6B 6D DD 67 F0 A0 77 CA 74 R......km.g..w.t 00F0: 3E 1D CB 60 88 6B F1 D7 29 B7 93 79 80 D0 E6 AE >...k..)..y....
}
}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.148 CLST|Finished.java:917|Consuming server Finished handshake message (
"Finished": {
"verify data": {
0000: EC CA 1C FE 65 AB CD BC E8 C3 05 3F 56 C6 48 DA ....e......?V.H.
0010: D4 F8 69 2C C8 AA 63 03 29 7C 77 F2 0E 9E 13 BB ..i,..c.).w.....
0020: 64 5B 37 5C 68 7A 0D 5D 62 22 C2 92 4D D2 4A 20 d[7\hz.]b"..M.J
}
}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.149 CLST|SSLCipher.java:1836|KeyLimit read side: algorithm = AES/GCM/NoPadding:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.149 CLST|Finished.java:687|Produced client Finished handshake message (
"Finished": {
"verify data": {
0000: 60 F0 D0 FB B3 DD 6A 86 35 B5 9C 49 43 C2 3E 03 `.....j.5..IC.>.
0010: 9B E1 F9 4A 82 0F 9A 1E D5 31 C9 BC A0 C0 C2 90 ...J.....1......
0020: 1F 53 93 F2 CE 0E DC 5A D0 9E 11 B4 02 8E 2D 51 .S.....Z......-Q
}
}
)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.150 CLST|SSLCipher.java:1987|KeyLimit write side: algorithm = AES/GCM/NoPadding:KEYUPDATE
countdown value = 137438953472
DEBUG: Serializing object: {
"timestamp": "2025-03-12T13:11:27.583Z",
"exception": {
"values": [
{
"type": "ArithmeticException",
"value": "/ by zero",
"module": "java.lang",
"thread_id": 51,
"stacktrace": {
"frames": [
{
"filename": "Thread.java",
"function": "run",
"module": "java.lang.Thread",
"lineno": 1583,
"native": false
},
{
"filename": "TaskThread.java",
"function": "run",
"module": "org.apache.tomcat.util.threads.TaskThread$WrappingRunnable",
"lineno": 63,
"native": false
},
{
"filename": "ThreadPoolExecutor.java",
"function": "run",
"module": "org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker",
"lineno": 659,
"native": false
},
{
"filename": "ThreadPoolExecutor.java",
"function": "runWorker",
"module": "org.apache.tomcat.util.threads.ThreadPoolExecutor",
"lineno": 1190,
"native": false
},
{
"filename": "SocketProcessorBase.java",
"function": "run",
"module": "org.apache.tomcat.util.net.SocketProcessorBase",
"lineno": 52,
"native": false
},
{
"filename": "NioEndpoint.java",
"function": "doRun",
"module": "org.apache.tomcat.util.net.NioEndpoint$SocketProcessor",
"lineno": 1743,
"native": false
},
{
"filename": "AbstractProtocol.java",
"function": "process",
"module": "org.apache.coyote.AbstractProtocol$ConnectionHandler",
"lineno": 905,
"native": false
},
{
"filename": "AbstractProcessorLight.java",
"function": "process",
"module": "org.apache.coyote.AbstractProcessorLight",
"lineno": 63,
"native": false
},
{
"filename": "Http11Processor.java",
"function": "service",
"module": "org.apache.coyote.http11.Http11Processor",
"lineno": 397,
"native": false
},
{
"filename": "CoyoteAdapter.java",
"function": "service",
"module": "org.apache.catalina.connector.CoyoteAdapter",
"lineno": 344,
"native": false
},
{
"filename": "StandardEngineValve.java",
"function": "invoke",
"module": "org.apache.catalina.core.StandardEngineValve",
"lineno": 74,
"native": false
},
{
"filename": "ErrorReportValve.java",
"function": "invoke",
"module": "org.apache.catalina.valves.ErrorReportValve",
"lineno": 93,
"native": false
},
{
"filename": "StandardHostValve.java",
"function": "invoke",
"module": "org.apache.catalina.core.StandardHostValve",
"lineno": 115,
"native": false
},
{
"filename": "AuthenticatorBase.java",
"function": "invoke",
"module": "org.apache.catalina.authenticator.AuthenticatorBase",
"lineno": 483,
"native": false
},
{
"filename": "StandardContextValve.java",
"function": "invoke",
"module": "org.apache.catalina.core.StandardContextValve",
"lineno": 90,
"native": false
},
{
"filename": "StandardWrapperValve.java",
"function": "invoke",
"module": "org.apache.catalina.core.StandardWrapperValve",
"lineno": 167,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "OncePerRequestFilter.java",
"function": "doFilter",
"module": "org.springframework.web.filter.OncePerRequestFilter",
"lineno": 116,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "OncePerRequestFilter.java",
"function": "doFilter",
"module": "org.springframework.web.filter.OncePerRequestFilter",
"lineno": 116,
"native": false
},
{
"filename": "CharacterEncodingFilter.java",
"function": "doFilterInternal",
"module": "org.springframework.web.filter.CharacterEncodingFilter",
"lineno": 201,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "OncePerRequestFilter.java",
"function": "doFilter",
"module": "org.springframework.web.filter.OncePerRequestFilter",
"lineno": 116,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "OncePerRequestFilter.java",
"function": "doFilter",
"module": "org.springframework.web.filter.OncePerRequestFilter",
"lineno": 116,
"native": false
},
{
"filename": "FormContentFilter.java",
"function": "doFilterInternal",
"module": "org.springframework.web.filter.FormContentFilter",
"lineno": 93,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "OncePerRequestFilter.java",
"function": "doFilter",
"module": "org.springframework.web.filter.OncePerRequestFilter",
"lineno": 116,
"native": false
},
{
"filename": "RequestContextFilter.java",
"function": "doFilterInternal",
"module": "org.springframework.web.filter.RequestContextFilter",
"lineno": 100,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "OncePerRequestFilter.java",
"function": "doFilter",
"module": "org.springframework.web.filter.OncePerRequestFilter",
"lineno": 116,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 164,
"native": false
},
{
"filename": "WsFilter.java",
"function": "doFilter",
"module": "org.apache.tomcat.websocket.server.WsFilter",
"lineno": 51,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "doFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 140,
"native": false
},
{
"filename": "ApplicationFilterChain.java",
"function": "internalDoFilter",
"module": "org.apache.catalina.core.ApplicationFilterChain",
"lineno": 195,
"native": false
},
{
"filename": "HttpServlet.java",
"function": "service",
"module": "jakarta.servlet.http.HttpServlet",
"lineno": 658,
"native": false
},
{
"filename": "FrameworkServlet.java",
"function": "service",
"module": "org.springframework.web.servlet.FrameworkServlet",
"lineno": 885,
"native": false
},
{
"filename": "HttpServlet.java",
"function": "service",
"module": "jakarta.servlet.http.HttpServlet",
"lineno": 564,
"native": false
},
{
"filename": "FrameworkServlet.java",
"function": "doGet",
"module": "org.springframework.web.servlet.FrameworkServlet",
"lineno": 903,
"native": false
},
{
"filename": "FrameworkServlet.java",
"function": "processRequest",
"module": "org.springframework.web.servlet.FrameworkServlet",
"lineno": 1014,
"native": false
},
{
"filename": "DispatcherServlet.java",
"function": "doService",
"module": "org.springframework.web.servlet.DispatcherServlet",
"lineno": 978,
"native": false
},
{
"filename": "DispatcherServlet.java",
"function": "doDispatch",
"module": "org.springframework.web.servlet.DispatcherServlet",
"lineno": 1088,
"native": false
},
{
"filename": "AbstractHandlerMethodAdapter.java",
"function": "handle",
"module": "org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter",
"lineno": 87,
"native": false
},
{
"filename": "RequestMappingHandlerAdapter.java",
"function": "handleInternal",
"module": "org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter",
"lineno": 891,
"native": false
},
{
"filename": "RequestMappingHandlerAdapter.java",
"function": "invokeHandlerMethod",
"module": "org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter",
"lineno": 986,
"native": false
},
{
"filename": "ServletInvocableHandlerMethod.java",
"function": "invokeAndHandle",
"module": "org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod",
"lineno": 118,
"native": false
},
{
"filename": "InvocableHandlerMethod.java",
"function": "invokeForRequest",
"module": "org.springframework.web.method.support.InvocableHandlerMethod",
"lineno": 190,
"native": false
},
{
"filename": "InvocableHandlerMethod.java",
"function": "doInvoke",
"module": "org.springframework.web.method.support.InvocableHandlerMethod",
"lineno": 257,
"native": false
},
{
"filename": "Method.java",
"function": "invoke",
"module": "java.lang.reflect.Method",
"lineno": 580,
"native": false
},
{
"filename": "DirectMethodHandleAccessor.java",
"function": "invoke",
"module": "jdk.internal.reflect.DirectMethodHandleAccessor",
"lineno": 103,
"native": false
},
{
"filename": "HomeControlller.java",
"function": "home",
"module": "cl.tisal.arq.HomeControlller",
"lineno": 32,
"in_app": true,
"native": false
}
]
},
"mechanism": {
"type": "chained",
"exception_id": 0
}
}
]
},
"level": "info",
"transaction": "GET /home",
"fingerprint": [],
"modules": {
"jakarta.annotation-api": "2.1.1",
"jackson-annotations": "2.18.2",
"spring-boot-starter-tomcat": "3.4.3",
"jackson-core": "2.18.2",
"spring-jcl": "6.2.3",
"spring-boot-starter-json": "3.4.3",
"jackson-datatype-jdk8": "2.18.2",
"log4j-api": "2.24.3",
"spring-web": "6.2.3",
"tomcat-embed-core": "10.1.36",
"slf4j-api": "2.0.16",
"spring-boot-starter": "3.4.3",
"jackson-module-parameter-names": "2.18.2",
"spring-core": "6.2.3",
"spring-webmvc": "6.2.3",
"sentry-spring-boot-starter-jakarta": "8.3.0",
"jul-to-slf4j": "2.0.16",
"spring-expression": "6.2.3",
"spring-aop": "6.2.3",
"sentry-spring-jakarta": "8.3.0",
"sentry": "8.3.0",
"micrometer-commons": "1.14.4",
"spring-beans": "6.2.3",
"spring-boot-autoconfigure": "3.4.3",
"tomcat-embed-websocket": "10.1.36",
"logback-classic": "1.5.16",
"jackson-datatype-jsr310": "2.18.2",
"sentry-reactor": "8.3.0",
"tomcat-embed-el": "10.1.36",
"jackson-databind": "2.18.2",
"log4j-to-slf4j": "2.24.3",
"micrometer-observation": "1.14.4",
"sentry-spring-boot-jakarta": "8.3.0",
"spring-context": "6.2.3",
"spring-boot-starter-web": "3.4.3",
"logback-core": "1.5.16",
"spring-boot": "3.4.3",
"snakeyaml": "2.3",
"spring-boot-starter-logging": "3.4.3"
},
"event_id": "59fc09a3d6504522a15961467b59165f",
"contexts": {
"runtime": {
"name": "Eclipse Adoptium",
"version": "21.0.3"
},
"spring": {
"active_profiles": []
},
"trace": {
"trace_id": "8b256c3d38eb46c492fab23bc29a95bf",
"span_id": "1de8a1f8dd54454a",
"op": "default",
"origin": "manual"
}
},
"sdk": {
"name": "sentry.java.spring-boot.jakarta",
"version": "8.3.0",
"packages": [
{
"name": "maven:io.sentry:sentry",
"version": "8.3.0"
},
{
"name": "maven:io.sentry:sentry-spring-boot-starter-jakarta",
"version": "8.3.0"
}
],
"integrations": [
"SpringBoot3",
"UncaughtExceptionHandler",
"ShutdownHook"
]
},
"request": {
"url": "http://localhost:8080/home",
"method": "GET",
"cookies": "",
"headers": {
"sec-fetch-mode": "navigate",
"sec-fetch-site": "none",
"accept-language": "es-419,es;q=0.9,gl;q=0.8,pt;q=0.7",
"sec-fetch-user": "?1",
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7",
"sec-ch-ua": ""Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": ""Windows"",
"host": "localhost:8080",
"upgrade-insecure-requests": "1",
"connection": "keep-alive",
"cache-control": "max-age=0",
"accept-encoding": "gzip, deflate, br, zstd",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36",
"sec-fetch-dest": "document"
}
},
"environment": "production",
"platform": "java",
"user": {
"ip_address": "0:0:0:0:0:0:0:1"
},
"breadcrumbs": [
{
"timestamp": "2025-03-12T13:11:23.832Z",
"type": "http",
"data": {
"method": "GET",
"url": "/home"
},
"category": "http"
}
],
"debug_meta": {
"images": [
{
"type": "jvm",
"debug_id": "45e61b8c-5d36-4f8c-aedc-057aafdc3877"
}
]
}
}
DEBUG: Envelope sent successfully.
javax.net.ssl|ALL|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.367 CLST|SSLSocketImpl.java:1136|Closing input stream
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.367 CLST|SSLSocketImpl.java:577|duplex close of SSLSocket
javax.net.ssl|WARNING|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.370 CLST|SSLSocketImpl.java:1220|input stream close depletion failed (
"throwable" : {
java.net.SocketException: Se ha anulado una conexión establecida por el software en su equipo host.
at java.base/sun.nio.ch.SocketDispatcher.read0(Native Method)
at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:46)
at java.base/sun.nio.ch.NioSocketImpl.tryRead(NioSocketImpl.java:256)
at java.base/sun.nio.ch.NioSocketImpl.timedRead(NioSocketImpl.java:274)
at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:304)
at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:346)
at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:796)
at java.base/java.net.Socket$SocketInputStream.read(Socket.java:1099)
at java.base/java.net.Socket$SocketInputStream.read(Socket.java:1093)
at java.base/sun.security.ssl.SSLSocketInputRecord.deplete(SSLSocketInputRecord.java:509)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.readLockedDeplete(SSLSocketImpl.java:1216)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.deplete(SSLSocketImpl.java:1191)
at java.base/sun.security.ssl.SSLSocketImpl.bruteForceCloseInput(SSLSocketImpl.java:808)
at java.base/sun.security.ssl.SSLSocketImpl.duplexCloseOutput(SSLSocketImpl.java:664)
at java.base/sun.security.ssl.SSLSocketImpl.close(SSLSocketImpl.java:584)
at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.close(SSLSocketImpl.java:1140)
at java.base/java.io.BufferedInputStream.close(BufferedInputStream.java:618)
at java.base/sun.net.www.MeteredStream.close(MeteredStream.java:165)
at java.base/java.io.FilterInputStream.close(FilterInputStream.java:170)
at java.base/sun.net.www.protocol.http.HttpURLConnection$HttpInputStream.close(HttpURLConnection.java:3750)
at io.sentry.transport.HttpConnection.closeAndDisconnect(HttpConnection.java:232)
at io.sentry.transport.HttpConnection.readAndLog(HttpConnection.java:199)
at io.sentry.transport.HttpConnection.send(HttpConnection.java:163)
at io.sentry.transport.AsyncHttpTransport$EnvelopeSender.flush(AsyncHttpTransport.java:299)
at io.sentry.transport.AsyncHttpTransport$EnvelopeSender.run(AsyncHttpTransport.java:244)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:572)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1583)}

)
javax.net.ssl|DEBUG|B4|SentryAsyncConnection-0|2025-03-12 10:11:29.370 CLST|SSLSocketImpl.java:1775|close the SSL connection (passive)
DEBUG: Envelope flushed