service.spiegel.de
- SPIEGEL-ONLINE GmbH -
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 04:0e:e6:26:ad:6c:35:fa:1d:05:41:21:78:e1:b1:a8 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
SPIEGEL-ONLINE GmbH
Organization:
SPIEGEL-ONLINE GmbH
State / Province:
Hamburg
Locality: Hamburg
Country: DE
Locality: Hamburg
Country: DE
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:0e:e6:26:ad:6c:35:fa:1d:05:41:21:78:e1:b1:a8Serial Number (int): 5394272157709892091468828185037222312
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 5f:e0:d3:de:e2:c8:d4:20:00:82:5e:d8:61:1e:02:dd:80:0c:de:99
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 8e:14:5e:c0:71:e0:97:9e:8b:75:e1:eb:10:e1:1f:05:90:2e:0b:1b
Fingerprint (sha256): 00:71:8f:a0:76:09:c9:d1:85:82:86:91:b3:a5:35:85:a4:b8:3c:d7:4c:61:3e:63:c8:ec:2c:cd:77:d2:9b:c6
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate service.spiegel.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for service.spiegel.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
service.spiegel.de
Other certificates including the domain name spiegel.de
(limited to 100 certificates)
jira.spiegel.de
service.spiegel.de
pushmanagement-ui.review.nextgen-services.spiegel.de
staging.sportwetten.spiegel.de
tippspiel.spiegel.de
gutscheine.spiegel.de
ssl.1.damoh.spiegel.de
digas.spiegel.de
amazonproductprovider.qs.nextgen-services.spiegel.de
shop.spiegel.de
imode.spiegel.de
review.assets.spiegel.de
newsletterversand.spiegel.de
vcdn02.spiegel.de
sftp.spiegel.de
qs.spiegel.de
vcdn1-secure.hls.spiegel.de
advent.spiegel.de
digasred.spiegel.de
SPIEGEL-Verlag Rudolf Augstein GmbH & Co KG
video-secure.spiegel.de
apiegel.de
cdnstatic.secure.spiegel.de
gcp.qs.www.spiegel.de
akademie.spiegel.de
cms.review.www.spiegel.de
arztsuche.spiegel.de
vcdn01.spiegel.de
einestages.spiegel.de
magazin.spiegel.de
eurojackpot.spiegel.de
derspiegel.eu
arztsuche.spiegel.de
m.spiegel.de
derspiegel.eu
gcp.dev.www.spiegel.de
advent.spiegel.de
www.spiegel.de
akamai-san8.exacttarget.com
newsletterversand2.spiegel.de
bento.app
fa.review.wisl.spiegel.de
gcp.prod.www.spiegel.de
tracker.it.spiegel.de
www.stepstone.de
m.spiegel.de
click.angebote.spiegel.de
einsurance.spiegel.de
cloud.angebote.spiegel.de
sams.spiegel.de
aubapi.spiegel.de
arztsuche.spiegel.de
review.www.spiegel.de
review.journalsuite.spiegel.de
service.spiegel.de
contentgarden.spiegel.de
static.gruppenkonto.spiegel.de
www.weltski.de
review.journalsuite.spiegel.de
bento.app
cdn.secure.spiegel.de
cdn.secure.spiegel.de
www.weltski.de
bento.app
sportwetten.spiegel.de
click.angebote.spiegel.de
dev.www.spiegel.de
digas-review.axelspringer.de
m.eurojackpot.spiegel.de
prod.warden.spiegel.de
service.spiegel.de
view.angebote.spiegel.de
kopfsache.spiegel.de
www.weltski.de
ivwbox.spiegel.de
www.stepstone.de
aubapi.spiegel.de
contentstation-qs.spiegel.de
microshop.spiegel.de
gluecksspirale.spiegel.de
streaming.hls.spiegel.de
dev.fanexperts.spiegel.de
dev.talk.spiegel.de
sportwetten.spiegel.de
lotto.spiegel.de
microshop.spiegel.de
spiele.spiegel.de
staging.sportwetten.spiegel.de
elvis-qs.spiegel.de
vpn.spiegel.de
eurojackpot.spiegel.de
dev.www.spiegel.de
cdnsource.review.www.spiegel.de
osp.spiegel.de
spiegel-de.spiegel.de
static.gruppenkonto.spiegel.de
sats.spiegel.de
grafana.review.cm.spiegel.de
magazin.spiegel.de
service.spiegel.de
pushmanagement-ui.review.nextgen-services.spiegel.de
staging.sportwetten.spiegel.de
tippspiel.spiegel.de
gutscheine.spiegel.de
ssl.1.damoh.spiegel.de
digas.spiegel.de
amazonproductprovider.qs.nextgen-services.spiegel.de
shop.spiegel.de
imode.spiegel.de
review.assets.spiegel.de
newsletterversand.spiegel.de
vcdn02.spiegel.de
sftp.spiegel.de
qs.spiegel.de
vcdn1-secure.hls.spiegel.de
advent.spiegel.de
digasred.spiegel.de
SPIEGEL-Verlag Rudolf Augstein GmbH & Co KG
video-secure.spiegel.de
apiegel.de
cdnstatic.secure.spiegel.de
gcp.qs.www.spiegel.de
akademie.spiegel.de
cms.review.www.spiegel.de
arztsuche.spiegel.de
vcdn01.spiegel.de
einestages.spiegel.de
magazin.spiegel.de
eurojackpot.spiegel.de
derspiegel.eu
arztsuche.spiegel.de
m.spiegel.de
derspiegel.eu
gcp.dev.www.spiegel.de
advent.spiegel.de
www.spiegel.de
akamai-san8.exacttarget.com
newsletterversand2.spiegel.de
bento.app
fa.review.wisl.spiegel.de
gcp.prod.www.spiegel.de
tracker.it.spiegel.de
www.stepstone.de
m.spiegel.de
click.angebote.spiegel.de
einsurance.spiegel.de
cloud.angebote.spiegel.de
sams.spiegel.de
aubapi.spiegel.de
arztsuche.spiegel.de
review.www.spiegel.de
review.journalsuite.spiegel.de
service.spiegel.de
contentgarden.spiegel.de
static.gruppenkonto.spiegel.de
www.weltski.de
review.journalsuite.spiegel.de
bento.app
cdn.secure.spiegel.de
cdn.secure.spiegel.de
www.weltski.de
bento.app
sportwetten.spiegel.de
click.angebote.spiegel.de
dev.www.spiegel.de
digas-review.axelspringer.de
m.eurojackpot.spiegel.de
prod.warden.spiegel.de
service.spiegel.de
view.angebote.spiegel.de
kopfsache.spiegel.de
www.weltski.de
ivwbox.spiegel.de
www.stepstone.de
aubapi.spiegel.de
contentstation-qs.spiegel.de
microshop.spiegel.de
gluecksspirale.spiegel.de
streaming.hls.spiegel.de
dev.fanexperts.spiegel.de
dev.talk.spiegel.de
sportwetten.spiegel.de
lotto.spiegel.de
microshop.spiegel.de
spiele.spiegel.de
staging.sportwetten.spiegel.de
elvis-qs.spiegel.de
vpn.spiegel.de
eurojackpot.spiegel.de
dev.www.spiegel.de
cdnsource.review.www.spiegel.de
osp.spiegel.de
spiegel-de.spiegel.de
static.gruppenkonto.spiegel.de
sats.spiegel.de
grafana.review.cm.spiegel.de
magazin.spiegel.de
Certificate
The complete raw certificate details for service.spiegel.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIQBA7mJq1sNfodBUEheOGxqDANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0xODA4MDYwMDAwMDBaFw0yMDA5MDQxMjAwMDBaMGwxCzAJBgNVBAYTAkRFMRAw DgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMRwwGgYDVQQKExNTUElF R0VMLU9OTElORSBHbWJIMRswGQYDVQQDExJzZXJ2aWNlLnNwaWVnZWwuZGUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ndkdMMoQw6RQHaCm+ncfju5E p0IS+n7TTPKsBW3ewIEHl/HuC2iAJYKn+L88q/dBsIfxQgMJ+vC/MG/haJMCgEZH L/+eUFcR3ZO5WJ+1FwtaNX3p7kXtMnKrSm9qvYe+oc7UuMspqGLd3V8no8LITBi+ X9Hj79L73Rl66rVv/BwlbSW3CqV0WmNm9yYCHMHhK9rJS6aJhJ0yIkMiJuakjH8X OvJo5MtO4niw2KZzgG5j6ANjHXb2OpCpW+JQDkL61wLj30Agbfoi1tLKaydH8lXg FwCbqEIpJ4nb9MdA3LARA1bhjdLThfxlJ0ZXgGDOjHdqXAbP4NZPZzBCcASbAgMB AAGjggG3MIIBszAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3se3yo0MWOJ5sxTAdBgNV HQ4EFgQUX+DT3uLI1CAAgl7YYR4C3YAM3pkwHQYDVR0RBBYwFIISc2VydmljZS5z cGllZ2VsLmRlMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5j b20vR2VvVHJ1c3RSU0FDQTIwMTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEB MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYG Z4EMAQICMHUGCCsGAQUFBwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1 cy5nZW90cnVzdC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3Ry dXN0LmNvbS9HZW9UcnVzdFJTQUNBMjAxOC5jcnQwCQYDVR0TBAIwADATBgorBgEE AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuPsX2KQCSqNC6nJyrL3V wfcwqEbLK/nykCq+Xzq50/wkAmZa0rfQOHUbmEnJ27wecCbdYzsHOQS+TYssFlQV 7C8B86pDtotDKLq9YDfuCOWId5c/5eYy7Q7vaGrz8+HNqxzPiEjonK8lipCoPGqB 63NVoFVBz+YPYGDReQbRTo2bYq/owBV6nK1VxutHGpu8X390F5iSKWoFJWGognFo tZWc6squRMkrWjgc/OddBaW9H5l7odE6+YCnjgaGfbP+ymaIjYSjqH86vaWbl6UB e33hBIcpvM8Zbwx1py+JkYqvNZ8ZhMl0u/8pB7xd4aXxiOkN7AbrDbo6vAxcoBx4 rw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ3ZHTDKEMOkUB2gpvp3 H47uRKdCEvp+00zyrAVt3sCBB5fx7gtogCWCp/i/PKv3QbCH8UIDCfrwvzBv4WiT AoBGRy//nlBXEd2TuViftRcLWjV96e5F7TJyq0pvar2HvqHO1LjLKahi3d1fJ6PC yEwYvl/R4+/S+90Zeuq1b/wcJW0ltwqldFpjZvcmAhzB4SvayUumiYSdMiJDIibm pIx/FzryaOTLTuJ4sNimc4BuY+gDYx129jqQqVviUA5C+tcC499AIG36ItbSymsn R/JV4BcAm6hCKSeJ2/THQNywEQNW4Y3S04X8ZSdGV4Bgzox3alwGz+DWT2cwQnAE mwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5394272157709892091468828185037222312 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hamburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hamburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SPIEGEL-ONLINE GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'service.spiegel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23431924218705381293725961355733678755611083877731180647203907834836838625000174184633291760717039759112825710777229984927555186017336932608324673152977461516009520321446373169742926417775710875927213999822407787319296409685480230952462987395082462265482774665897636786088485074407004766573757294287445114373171749969575983427524426512601148761983277881605651112785490800395049214803731016057943581788041830052163649164532755676405001314066864330200937779243697853325985746571105064881501770319648465813570955895372579292193651070063181825522316497937049097439235875938535629262827540855977806082600519978842447676571 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5fe0d3dee2c8d42000825ed8611e02dd800cde99 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'service.spiegel.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b8fb17d8a4024aa342ea7272acbdd5c1f730a846cb2bf9f2902abe5f3ab9d3fc2402665ad2b7d038751b9849c9dbbc1e7026dd633b073904be4d8b2c165415ec2f01f3aa43b68b4328babd6037ee08e58877973fe5e632ed0eef686af3f3e1cdab1ccf8848e89caf258a90a83c6a81eb7355a05541cfe60f6060d17906d14e8d9b62afe8c0157a9cad55c6eb471a9bbc5f7f74179892296a052561a8827168b5959ceacaae44c92b5a381cfce75d05a5bd1f997ba1d13af980a78e06867db3feca66888d84a3a87f3abda59b97a5017b7de1048729bccf196f0c75a72f89918aaf359f1984c974bbff2907bc5de1a5f188e90dec06eb0dba3abc0c5ca01c78af