*.rodenstock.com
- Rodenstock GmbH -
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 0d:a7:df:e2:48:56:19:c2:eb:c6:ee:5d:e4:bb:13:15 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Rodenstock GmbH
Organization:
Rodenstock GmbH
Organization unit: IT
Organization unit: IT
State / Province:
Bayern
Locality: Muenchen
Country: DE
Locality: Muenchen
Country: DE
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:a7:df:e2:48:56:19:c2:eb:c6:ee:5d:e4:bb:13:15Serial Number (int): 18151618425872575090402574877924725525
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ba:08:37:c3:08:ff:33:da:83:b3:ab:07:70:94:fe:be:72:a1:72:b5
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 5a:9c:6f:8c:1e:a8:2a:71:4d:ba:a8:58:0d:b5:16:69:ad:64:1b:02
Fingerprint (sha256): 00:e1:ed:b0:09:6b:2b:84:26:39:64:ae:74:fb:39:d3:33:cd:6b:94:e0:a3:4a:f1:68:88:d4:47:59:ea:a7:ec
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate *.rodenstock.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rodenstock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rodenstock.com
rodenstock.com
rodenstock.com
Other certificates including the domain name rodenstock.com
(limited to 100 certificates)
*.rodenstock.com
sf6-staging.cnxt.rodenstock.com
ftp3.rodenstock.com
analytics.cnxt.rodenstock.com
cnxt.rodenstock.com
erpc-cl1.rodenstock.com
develop.cnxt.rodenstock.com
scopia.rodenstock.com
wifi.rodenstock.com
countdown.rodenstock.com
api-staging.cnxt.rodenstock.com
countdown.rodenstock.com
dsa.rodenstock.com
cnxt-hub-preview.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
webmail.rodenstock.com
hub-staging.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
dsa.rodenstock.com
gateway-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
mailsn.rodenstock.com
wifi.rodenstock.com
mailsn.rodenstock.com
payment.rodenstock.com
develop.cnxt.rodenstock.com
sf6-develop.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
select-api-staging.cnxt.rodenstock.com
webservices.rodenstock.com
winfitb2b.rodenstock.com
dsa.rodenstock.com
select-api.cnxt.rodenstock.com
select-api-develop.cnxt.rodenstock.com
css.rodenstock.com
sf6-develop.cnxt.rodenstock.com
mailsn.rodenstock.com
analytics.cnxt.rodenstock.com
sf6.cnxt.rodenstock.com
dsa.rodenstock.com
*.rodenstock.com
sso.cnxt.rodenstock.com
staging.cnxt.rodenstock.com
backend.events.rodenstock.com
sf6.cnxt.rodenstock.com
cnxt.rodenstock.com
trustcenter.cnxt.rodenstock.com
expertenfilm.rodenstock.com
www.rodenstock.com
bignorm.rodenstock.com
payment.rodenstock.com
api-develop.cnxt.rodenstock.com
sso.cnxt.rodenstock.com
consumer-api.cnxt.rodenstock.com
mailsn.rodenstock.com
semis.rodenstock.com
hub.cnxt.rodenstock.com
*.rodenstock.com
api-staging.cnxt.rodenstock.com
expertmovie.rodenstock.com
staging.cnxt.rodenstock.com
cnxt-frontend-preview.cnxt.rodenstock.com
tool.rodenstock.com
gateway-develop.cnxt.rodenstock.com
vst.rodenstock.com
backend.events.rodenstock.com
hub.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
analytics.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
cnxt.rodenstock.com
sf6-preview.cnxt.rodenstock.com
dsa.rodenstock.com
cnxt-sf6-backend-staging.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
payment.rodenstock.com
wiki.cnxt.rodenstock.com
tool.rodenstock.com
sf6-staging.cnxt.rodenstock.com
dsa-develop.cnxt.rodenstock.com
www.rodenstock.com
tool.rodenstock.com
shop-develop.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
tool.rodenstock.com
trustcenter.cnxt.rodenstock.com
dsa.cnxt.rodenstock.com
www.rodenstock.com
cnxt-consumer-api-preview.cnxt.rodenstock.com
css.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
gateway-preview.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-staging.cnxt.rodenstock.com
sf6-staging.cnxt.rodenstock.com
ftp3.rodenstock.com
analytics.cnxt.rodenstock.com
cnxt.rodenstock.com
erpc-cl1.rodenstock.com
develop.cnxt.rodenstock.com
scopia.rodenstock.com
wifi.rodenstock.com
countdown.rodenstock.com
api-staging.cnxt.rodenstock.com
countdown.rodenstock.com
dsa.rodenstock.com
cnxt-hub-preview.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
webmail.rodenstock.com
hub-staging.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
dsa.rodenstock.com
gateway-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
mailsn.rodenstock.com
wifi.rodenstock.com
mailsn.rodenstock.com
payment.rodenstock.com
develop.cnxt.rodenstock.com
sf6-develop.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
select-api-staging.cnxt.rodenstock.com
webservices.rodenstock.com
winfitb2b.rodenstock.com
dsa.rodenstock.com
select-api.cnxt.rodenstock.com
select-api-develop.cnxt.rodenstock.com
css.rodenstock.com
sf6-develop.cnxt.rodenstock.com
mailsn.rodenstock.com
analytics.cnxt.rodenstock.com
sf6.cnxt.rodenstock.com
dsa.rodenstock.com
*.rodenstock.com
sso.cnxt.rodenstock.com
staging.cnxt.rodenstock.com
backend.events.rodenstock.com
sf6.cnxt.rodenstock.com
cnxt.rodenstock.com
trustcenter.cnxt.rodenstock.com
expertenfilm.rodenstock.com
www.rodenstock.com
bignorm.rodenstock.com
payment.rodenstock.com
api-develop.cnxt.rodenstock.com
sso.cnxt.rodenstock.com
consumer-api.cnxt.rodenstock.com
mailsn.rodenstock.com
semis.rodenstock.com
hub.cnxt.rodenstock.com
*.rodenstock.com
api-staging.cnxt.rodenstock.com
expertmovie.rodenstock.com
staging.cnxt.rodenstock.com
cnxt-frontend-preview.cnxt.rodenstock.com
tool.rodenstock.com
gateway-develop.cnxt.rodenstock.com
vst.rodenstock.com
backend.events.rodenstock.com
hub.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
analytics.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
cnxt.rodenstock.com
sf6-preview.cnxt.rodenstock.com
dsa.rodenstock.com
cnxt-sf6-backend-staging.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
payment.rodenstock.com
wiki.cnxt.rodenstock.com
tool.rodenstock.com
sf6-staging.cnxt.rodenstock.com
dsa-develop.cnxt.rodenstock.com
www.rodenstock.com
tool.rodenstock.com
shop-develop.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
tool.rodenstock.com
trustcenter.cnxt.rodenstock.com
dsa.cnxt.rodenstock.com
www.rodenstock.com
cnxt-consumer-api-preview.cnxt.rodenstock.com
css.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
gateway-preview.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-staging.cnxt.rodenstock.com
Certificate
The complete raw certificate details for *.rodenstock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGkzCCBXugAwIBAgIQDaff4khWGcLrxu5d5LsTFTANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTE5MDEwNDAwMDAwMFoXDTIxMDEwMzEyMDAwMFowczELMAkGA1UEBhMCREUx DzANBgNVBAgTBkJheWVybjERMA8GA1UEBxMITXVlbmNoZW4xGDAWBgNVBAoTD1Jv ZGVuc3RvY2sgR21iSDELMAkGA1UECxMCSVQxGTAXBgNVBAMMECoucm9kZW5zdG9j ay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfgNtNyR/CRyBk RRDPII632G7286/xbfeYgwlw2IA48kqt0M+EetXBb+fMcpMb5w0VG8+FIysIKaWF 1fl9v6pux3w253EjqHK4hWtSalvrSK9ahZez6eCzmfYvWKYBGpDgmkh30eF0kpun 6bSnGAmY+lZLBMa3UGV6WBhGp0hgPl89UhYPQwK4YlZaYBaIBNyJd+OhfSL9YZje ui405H3TzZEfz4tqHORlPP0BEv/FzMDGU3Hk3PrzgdV2dnFIAaxPDlGQrEC1rCvs /IWbgeZulFZ1MyVvH/w1wUfWIiZeJNhZLt8smGZusfguLMaWU0QbFVk6iJSXJL7h pbaO6Dz1AgMBAAGjggM0MIIDMDAfBgNVHSMEGDAWgBSUT9Rdi+Sk4qaA/v3Y+QDv o74CVzAdBgNVHQ4EFgQUugg3wwj/M9qDs6sHcJT+vnKhcrUwKwYDVR0RBCQwIoIQ Ki5yb2RlbnN0b2NrLmNvbYIOcm9kZW5zdG9jay5jb20wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA/BgNVHR8EODA2MDSgMqAw hi5odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3Js MEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHYGCCsGAQUFBwEBBGowaDAm BggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPgYIKwYBBQUH MAKGMmh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNB RzEuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2APZc lC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABaBiq33IAAAQDAEcwRQIh AMu8RLCw6ER5mQ/n+ofd4PPy6xW8hvY1tpT3PEc6hMr7AiBs5MkDVpQg4N2wUOx4 HmdbmIWV895bkyWFSZDAjwq1uwB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG0 6v9eoIMPAAABaBiq4DgAAAQDAEcwRQIhAJcs9kyXLequzUacjwFmD6nPOVSWsZxd QhkfXU1QvFYcAiALX6v7OoYTxhbwJXxuXvqhQX8QZBxCoPLG8I8rVrfUKAB2AG9T dqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABaBiq4L4AAAQDAEcwRQIg QyFFXFOkvaqxJsZ9w1ynI3VioEX0QS412d32FX7TjywCIQDPmyRywEeC6dGTm6Iv jQUOxLmrdIKMMvDapcMp9TIXlTANBgkqhkiG9w0BAQsFAAOCAQEABIY/tGb1lhXV TAPHE/T1ZgSjEgFO6xI4Qc7GdjAVj1+fFj8QbhZTt++oaKeozVrU1Cbf7V5s+WMM tcOekMHAnPozIfbWEZI1aFoELATMLh+nykJYTRNeVEjZjloaFX8F1tEHqjbSrnZo UTSAInR8RvyrWb9etYTLGgLiXSYlUkM7ZeMKzrg9zwOKLh5Dbfed5+GURGm/eMzb o5faC3sHuibq0Yu/hT/3K3KAoWDtqOm9NVKe7bZVmfd9jQI2lP7J1fUM89tcO3U+ Y8kuUYPb1qr4IW7wr0FecSHc3e7QyIPvwAPVRNJqn3GFCdE6284dI8D5yxIuvwRr zLK73G9npQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4DbTckfwkcgZEUQzyCO t9hu9vOv8W33mIMJcNiAOPJKrdDPhHrVwW/nzHKTG+cNFRvPhSMrCCmlhdX5fb+q bsd8NudxI6hyuIVrUmpb60ivWoWXs+ngs5n2L1imARqQ4JpId9HhdJKbp+m0pxgJ mPpWSwTGt1BlelgYRqdIYD5fPVIWD0MCuGJWWmAWiATciXfjoX0i/WGY3rouNOR9 082RH8+LahzkZTz9ARL/xczAxlNx5Nz684HVdnZxSAGsTw5RkKxAtawr7PyFm4Hm bpRWdTMlbx/8NcFH1iImXiTYWS7fLJhmbrH4LizGllNEGxVZOoiUlyS+4aW2jug8 9QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18151618425872575090402574877924725525 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-03 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Muenchen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rodenstock GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rodenstock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20135432074738887419265738888577749407504107967143106126081693803444066412327760151938494724165897854906708439674651994542900477994270860805300411562767213896664407835112487583189551487356258414381555064811377790941354514157005400890586916072425176141621633765404491591291882916131693469413909334136407086348514864793424622206124032744598459363230557870083793425512865502052687755194211913223064062913430277413269241549689452624075861762573038608138863155548457360000134461664821040577234444521401331061139210718868301410054547171250093678565907220204954657206349422063586071341179307239842126795216874819824900390133 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ba0837c308ff33da83b3ab077094febe72a172b5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rodenstock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rodenstock.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016818aadf720000040300473045022100cbbc44b0b0e84479990fe7fa87dde0f3f2eb15bc86f635b694f73c473a84cafb02206ce4c903569420e0ddb050ec781e675b988595f3de5b9325854990c08f0ab5bb0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016818aae0380000040300473045022100972cf64c972deaaecd469c8f01660fa9cf395496b19c5d42191f5d4d50bc561c02200b5fabfb3a8613c616f0257c6e5efaa1417f10641c42a0f2c6f08f2b56b7d4280076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016818aae0be000004030047304502204321455c53a4bdaab126c67dc35ca7237562a045f4412e35d9ddf6157ed38f2c022100cf9b2472c04782e9d1939ba22f8d050ec4b9ab74828c32f0daa5c329f5321795 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0004863fb466f59615d54c03c713f4f56604a312014eeb123841cec67630158f5f9f163f106e1653b7efa868a7a8cd5ad4d426dfed5e6cf9630cb5c39e90c1c09cfa3321f6d6119235685a042c04cc2e1fa7ca42584d135e5448d98e5a1a157f05d6d107aa36d2ae766851348022747c46fcab59bf5eb584cb1a02e25d262552433b65e30aceb83dcf038a2e1e436df79de7e1944469bf78ccdba397da0b7b07ba26ead18bbf853ff72b7280a160eda8e9bd35529eedb65599f77d8d023694fec9d5f50cf3db5c3b753e63c92e5183dbd6aaf8216ef0af415e7121dcddeed0c883efc003d544d26a9f718509d13adbce1d23c0f9cb122ebf046bccb2bbdc6f67a5