*.rodenstock.com

- Rodenstock GmbH -

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 0d:a7:df:e2:48:56:19:c2:eb:c6:ee:5d:e4:bb:13:15 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Rodenstock GmbH

Organization: Rodenstock GmbH
Organization unit: IT
State / Province: Bayern
Locality: Muenchen
Country: DE

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:a7:df:e2:48:56:19:c2:eb:c6:ee:5d:e4:bb:13:15
Serial Number (int): 18151618425872575090402574877924725525
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ba:08:37:c3:08:ff:33:da:83:b3:ab:07:70:94:fe:be:72:a1:72:b5
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): 5a:9c:6f:8c:1e:a8:2a:71:4d:ba:a8:58:0d:b5:16:69:ad:64:1b:02
Fingerprint (sha256): 00:e1:ed:b0:09:6b:2b:84:26:39:64:ae:74:fb:39:d3:33:cd:6b:94:e0:a3:4a:f1:68:88:d4:47:59:ea:a7:ec

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate *.rodenstock.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.rodenstock.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.rodenstock.com
rodenstock.com

Other certificates including the domain name rodenstock.com

(limited to 100 certificates)
*.rodenstock.com
sf6-staging.cnxt.rodenstock.com
ftp3.rodenstock.com
analytics.cnxt.rodenstock.com
cnxt.rodenstock.com
erpc-cl1.rodenstock.com
develop.cnxt.rodenstock.com
scopia.rodenstock.com
wifi.rodenstock.com
countdown.rodenstock.com
api-staging.cnxt.rodenstock.com
countdown.rodenstock.com
dsa.rodenstock.com
cnxt-hub-preview.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
webmail.rodenstock.com
hub-staging.cnxt.rodenstock.com
develop.cnxt.rodenstock.com
dsa.rodenstock.com
gateway-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-develop.cnxt.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
mailsn.rodenstock.com
wifi.rodenstock.com
mailsn.rodenstock.com
payment.rodenstock.com
develop.cnxt.rodenstock.com
sf6-develop.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
select-api-staging.cnxt.rodenstock.com
webservices.rodenstock.com
winfitb2b.rodenstock.com
dsa.rodenstock.com
select-api.cnxt.rodenstock.com
select-api-develop.cnxt.rodenstock.com
css.rodenstock.com
sf6-develop.cnxt.rodenstock.com
mailsn.rodenstock.com
analytics.cnxt.rodenstock.com
sf6.cnxt.rodenstock.com
dsa.rodenstock.com
*.rodenstock.com
sso.cnxt.rodenstock.com
staging.cnxt.rodenstock.com
backend.events.rodenstock.com
sf6.cnxt.rodenstock.com
cnxt.rodenstock.com
trustcenter.cnxt.rodenstock.com
expertenfilm.rodenstock.com
www.rodenstock.com
bignorm.rodenstock.com
payment.rodenstock.com
api-develop.cnxt.rodenstock.com
sso.cnxt.rodenstock.com
consumer-api.cnxt.rodenstock.com
mailsn.rodenstock.com
semis.rodenstock.com
hub.cnxt.rodenstock.com
*.rodenstock.com
api-staging.cnxt.rodenstock.com
expertmovie.rodenstock.com
staging.cnxt.rodenstock.com
cnxt-frontend-preview.cnxt.rodenstock.com
tool.rodenstock.com
gateway-develop.cnxt.rodenstock.com
vst.rodenstock.com
backend.events.rodenstock.com
hub.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
analytics.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-production.cnxt.rodenstock.com
select-api.cnxt.rodenstock.com
cnxt.rodenstock.com
sf6-preview.cnxt.rodenstock.com
dsa.rodenstock.com
cnxt-sf6-backend-staging.cnxt.rodenstock.com
api-develop.cnxt.rodenstock.com
payment.rodenstock.com
wiki.cnxt.rodenstock.com
tool.rodenstock.com
sf6-staging.cnxt.rodenstock.com
dsa-develop.cnxt.rodenstock.com
www.rodenstock.com
tool.rodenstock.com
shop-develop.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
api-staging.cnxt.rodenstock.com
tool.rodenstock.com
trustcenter.cnxt.rodenstock.com
dsa.cnxt.rodenstock.com
www.rodenstock.com
cnxt-consumer-api-preview.cnxt.rodenstock.com
css.rodenstock.com
consumer-api-staging.cnxt.rodenstock.com
gateway-preview.cnxt.rodenstock.com
api.cnxt.rodenstock.com
cnxt-postgraphile-staging.cnxt.rodenstock.com

Certificate

The complete raw certificate details for *.rodenstock.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgIQDaff4khWGcLrxu5d5LsTFTANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTE5MDEwNDAwMDAwMFoXDTIxMDEwMzEyMDAwMFowczELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJheWVybjERMA8GA1UEBxMITXVlbmNoZW4xGDAWBgNVBAoTD1Jv
ZGVuc3RvY2sgR21iSDELMAkGA1UECxMCSVQxGTAXBgNVBAMMECoucm9kZW5zdG9j
ay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfgNtNyR/CRyBk
RRDPII632G7286/xbfeYgwlw2IA48kqt0M+EetXBb+fMcpMb5w0VG8+FIysIKaWF
1fl9v6pux3w253EjqHK4hWtSalvrSK9ahZez6eCzmfYvWKYBGpDgmkh30eF0kpun
6bSnGAmY+lZLBMa3UGV6WBhGp0hgPl89UhYPQwK4YlZaYBaIBNyJd+OhfSL9YZje
ui405H3TzZEfz4tqHORlPP0BEv/FzMDGU3Hk3PrzgdV2dnFIAaxPDlGQrEC1rCvs
/IWbgeZulFZ1MyVvH/w1wUfWIiZeJNhZLt8smGZusfguLMaWU0QbFVk6iJSXJL7h
pbaO6Dz1AgMBAAGjggM0MIIDMDAfBgNVHSMEGDAWgBSUT9Rdi+Sk4qaA/v3Y+QDv
o74CVzAdBgNVHQ4EFgQUugg3wwj/M9qDs6sHcJT+vnKhcrUwKwYDVR0RBCQwIoIQ
Ki5yb2RlbnN0b2NrLmNvbYIOcm9kZW5zdG9jay5jb20wDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA/BgNVHR8EODA2MDSgMqAw
hi5odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3Js
MEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHYGCCsGAQUFBwEBBGowaDAm
BggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPgYIKwYBBQUH
MAKGMmh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNB
RzEuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2APZc
lC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABaBiq33IAAAQDAEcwRQIh
AMu8RLCw6ER5mQ/n+ofd4PPy6xW8hvY1tpT3PEc6hMr7AiBs5MkDVpQg4N2wUOx4
HmdbmIWV895bkyWFSZDAjwq1uwB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG0
6v9eoIMPAAABaBiq4DgAAAQDAEcwRQIhAJcs9kyXLequzUacjwFmD6nPOVSWsZxd
QhkfXU1QvFYcAiALX6v7OoYTxhbwJXxuXvqhQX8QZBxCoPLG8I8rVrfUKAB2AG9T
dqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABaBiq4L4AAAQDAEcwRQIg
QyFFXFOkvaqxJsZ9w1ynI3VioEX0QS412d32FX7TjywCIQDPmyRywEeC6dGTm6Iv
jQUOxLmrdIKMMvDapcMp9TIXlTANBgkqhkiG9w0BAQsFAAOCAQEABIY/tGb1lhXV
TAPHE/T1ZgSjEgFO6xI4Qc7GdjAVj1+fFj8QbhZTt++oaKeozVrU1Cbf7V5s+WMM
tcOekMHAnPozIfbWEZI1aFoELATMLh+nykJYTRNeVEjZjloaFX8F1tEHqjbSrnZo
UTSAInR8RvyrWb9etYTLGgLiXSYlUkM7ZeMKzrg9zwOKLh5Dbfed5+GURGm/eMzb
o5faC3sHuibq0Yu/hT/3K3KAoWDtqOm9NVKe7bZVmfd9jQI2lP7J1fUM89tcO3U+
Y8kuUYPb1qr4IW7wr0FecSHc3e7QyIPvwAPVRNJqn3GFCdE6284dI8D5yxIuvwRr
zLK73G9npQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4DbTckfwkcgZEUQzyCO
t9hu9vOv8W33mIMJcNiAOPJKrdDPhHrVwW/nzHKTG+cNFRvPhSMrCCmlhdX5fb+q
bsd8NudxI6hyuIVrUmpb60ivWoWXs+ngs5n2L1imARqQ4JpId9HhdJKbp+m0pxgJ
mPpWSwTGt1BlelgYRqdIYD5fPVIWD0MCuGJWWmAWiATciXfjoX0i/WGY3rouNOR9
082RH8+LahzkZTz9ARL/xczAxlNx5Nz684HVdnZxSAGsTw5RkKxAtawr7PyFm4Hm
bpRWdTMlbx/8NcFH1iImXiTYWS7fLJhmbrH4LizGllNEGxVZOoiUlyS+4aW2jug8
9QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18151618425872575090402574877924725525
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-03 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Muenchen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rodenstock GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rodenstock.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20135432074738887419265738888577749407504107967143106126081693803444066412327760151938494724165897854906708439674651994542900477994270860805300411562767213896664407835112487583189551487356258414381555064811377790941354514157005400890586916072425176141621633765404491591291882916131693469413909334136407086348514864793424622206124032744598459363230557870083793425512865502052687755194211913223064062913430277413269241549689452624075861762573038608138863155548457360000134461664821040577234444521401331061139210718868301410054547171250093678565907220204954657206349422063586071341179307239842126795216874819824900390133
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ba0837c308ff33da83b3ab077094febe72a172b5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rodenstock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rodenstock.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016818aadf720000040300473045022100cbbc44b0b0e84479990fe7fa87dde0f3f2eb15bc86f635b694f73c473a84cafb02206ce4c903569420e0ddb050ec781e675b988595f3de5b9325854990c08f0ab5bb0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016818aae0380000040300473045022100972cf64c972deaaecd469c8f01660fa9cf395496b19c5d42191f5d4d50bc561c02200b5fabfb3a8613c616f0257c6e5efaa1417f10641c42a0f2c6f08f2b56b7d4280076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016818aae0be000004030047304502204321455c53a4bdaab126c67dc35ca7237562a045f4412e35d9ddf6157ed38f2c022100cf9b2472c04782e9d1939ba22f8d050ec4b9ab74828c32f0daa5c329f5321795
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0004863fb466f59615d54c03c713f4f56604a312014eeb123841cec67630158f5f9f163f106e1653b7efa868a7a8cd5ad4d426dfed5e6cf9630cb5c39e90c1c09cfa3321f6d6119235685a042c04cc2e1fa7ca42584d135e5448d98e5a1a157f05d6d107aa36d2ae766851348022747c46fcab59bf5eb584cb1a02e25d262552433b65e30aceb83dcf038a2e1e436df79de7e1944469bf78ccdba397da0b7b07ba26ead18bbf853ff72b7280a160eda8e9bd35529eedb65599f77d8d023694fec9d5f50cf3db5c3b753e63c92e5183dbd6aaf8216ef0af415e7121dcddeed0c883efc003d544d26a9f718509d13adbce1d23c0f9cb122ebf046bccb2bbdc6f67a5