webportal3.dot.state.mn.us

- State of Minnesota -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number 3b:a5:b2:dc:0a:de:1d:c7:ed:7a:cf:64:c9:44:8f:74 was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

State of Minnesota

Company registration number: Government Entity
Organization: State of Minnesota
Organization unit: Dept of Transportation
State / Province: Minnesota
Country: US

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 3b:a5:b2:dc:0a:de:1d:c7:ed:7a:cf:64:c9:44:8f:74
Serial Number (int): 79284808435436858462332071659132194676
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 14:2f:90:7f:9d:34:e3:88:36:61:23:34:ab:81:4a:f2:17:f7:af:fb
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 38:37:40:0a:36:0f:d3:64:40:35:dc:98:3a:47:2c:cd:05:43:8a:96
Fingerprint (sha256): 01:19:7b:8c:16:f8:6c:77:71:8f:4d:28:b2:f1:37:a6:5f:c6:38:30:f7:b9:60:7d:07:90:0d:2d:1b:e9:45:b4

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate webportal3.dot.state.mn.us

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for webportal3.dot.state.mn.us

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

webportal3.dot.state.mn.us
www.webportal3.dot.state.mn.us

Other certificates including the domain name state.mn.us

(limited to 100 certificates)
fyidocs.web.health.state.mn.us
maps1.dnr.state.mn.us
edocs.dhs.state.mn.us
www.brewermiddleschool.wsisd.com
mndatarest.web.health.state.mn.us
drainage.pca.state.mn.us
ww2.commissions.leg.state.mn.us
support.mdor.state.mn.us
autodiscover.state.mn.us
mnhumanservices-test.dhs.state.mn.us
www.westkm.pubdef.state.mn.us
svn.nonprod.health.state.mn.us
guestvdi.dps.state.mn.us
arclookup.dhs.int.state.mn.us
education.mn.gov
printprint.x.state.mn.us
mnwellindex.web.health.state.mn.us
nslp.web.health.state.mn.us
podprecheck.health.state.mn.us
ccbhcreporting.dhs.state.mn.us
evve.health.state.mn.us
archerdev.int.state.mn.us
merc.health.state.mn.us
www.dlan.dps.state.mn.us
trng.mec2.dhs.state.mn.us
mhis.dhs.mn.gov
lic-dev.dnr.state.mn.us
mnchoices-train.dhs.state.mn.us
tmon.dhs.int.state.mn.us
mnch-supplan-train.dhs.state.mn.us
webportal3.dot.state.mn.us
elm.systems.state.mn.us
www2.mainserver.state.mn.us
cannabis.web.health.state.mn.us
support.elm.swift.state.mn.us
dutchelm.dps.state.mn.us
www.cty.dhs.state.mn.us
mnlars-iam-prod-app-v201.dps.int.state.mn.us
mars.doc.state.mn.us
www.msrs.state.mn.us
aurora.msrs.state.mn.us
ftp.sos.state.mn.us
www.cfbreport.state.mn.us
coms.stage.doc.state.mn.us
swa.web.health.state.mn.us
rpo.dev.dhs.int.state.mn.us
passwordreset.mnit.state.mn.us
leadrenovator.web.health.state.mn.us
files.dnr.state.mn.us
www.ecmportal.pubdef.state.mn.us
revvpnsdp.mdor.state.mn.us
wm.courts.state.mn.us
www.gideon2test.pubdef.state.mn.us
www.dashboardtest.pubdef.state.mn.us
www.yorkprepsc.org
webportal2.dot.state.mn.us
pfas400.dhs.int.state.mn.us
www.ble.mn.gov
arsdev.itg.state.mn.us
www.lawyerregulation.mn.gov
mnsurebda2node09.hix.int.state.mn.us
www.mcla.state.mn.us
mnchoices-train.dhs.state.mn.us
g45ppwcsldww001.admin.state.mn.us
neien.pca.state.mn.us
ddi.itg.state.mn.us
g46pilvcmseo104.voice.state.mn.us
asthmahealthyhomes.web.health.state.mn.us
commissionsandappointments.sos.state.mn.us
samtest.dhs.state.mn.us
dps.mn.gov
dev.sema4.systems.state.mn.us
www.selfloan.state.mn.us
analytics.education.state.mn.us
caseworks.x.state.mn.us
*.devapi.hlb.state.mn.us
g46pilvcmsco104.voice.state.mn.us
image.enx.web.health.state.mn.us
www.ag.state.mn.us
www.fafsaweb.state.mn.us
services.swift.state.mn.us
admin.bakerschools.org
*.sos.state.mn.us
forums.doc.state.mn.us
registrationportal.dot.state.mn.us
fimpwreset.ead.state.mn.us
bcacrimestats.x.state.mn.us
iibvhn.mneiam.int.state.mn.us
remote.oah.state.mn.us
www.ohe.state.mn.us
survey.dnr.state.mn.us
edocs.dhs.state.mn.us
west.commerce.state.mn.us
mdaonbaseapp.mda.state.mn.us
mdatwa2.state.mn.us
licensinglookup.dhs.state.mn.us
ocm.web.health.state.mn.us
support.mdor.state.mn.us
mcla.es.state.mn.us
hchhomes.web.health.state.mn.us

Certificate

The complete raw certificate details for webportal3.dot.state.mn.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHZjCCBk6gAwIBAgIQO6Wy3AreHcftes9kyUSPdDANBgkqhkiG9w0BAQsFADCB
kTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQD
EzBTZWN0aWdvIFJTQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMjIwMzAyMDAwMDAwWhcNMjMwMzAyMjM1OTU5WjCB0TEaMBgGA1UEBRMR
R292ZXJubWVudCBFbnRpdHkxEzARBgsrBgEEAYI3PAIBAxMCVVMxGjAYBgNVBA8T
EUdvdmVybm1lbnQgRW50aXR5MQswCQYDVQQGEwJVUzESMBAGA1UECBMJTWlubmVz
b3RhMRswGQYDVQQKExJTdGF0ZSBvZiBNaW5uZXNvdGExHzAdBgNVBAsTFkRlcHQg
b2YgVHJhbnNwb3J0YXRpb24xIzAhBgNVBAMTGndlYnBvcnRhbDMuZG90LnN0YXRl
Lm1uLnVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysGD/TDYTAmN
Nz5DW5W+XbNE1lL+yx64cXLw3v1dbie+hgOR1R5p4Yx7/FfxcnXv0CQuS/rqej1/
n4MjC7tTG860ansoQFQlsl4qXv5elARjCSbopOljQXJDHj41lI2SroC+Z/BnKdlG
T0ClxRYNG4kmcZcaq97gzcGrBcB9JWwGdXMl1JB1tF/CTvwn2+yOzNOc+BteZo6v
Ersi0WmT1juqnyoHMgH0HNtz1qBLZ+5J5XHIOxPyhpFrQrHwAeuUiW2SxmbYEw4f
dlJJG2ZWdz5jdq4VuHX7O2I1VFYhXFnCGMuDRapHUcGrgMxmWPy8VnEtik4CIcUf
zJ3WnTFeWQIDAQABo4IDdjCCA3IwHwYDVR0jBBgwFoAULGn/gMmHkK404bTnTJOF
mUDpp7IwHQYDVR0OBBYEFBQvkH+dNOOINmEjNKuBSvIX96/7MA4GA1UdDwEB/wQE
AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBJBgNVHSAEQjBAMDUGDCsGAQQBsjEBAgEFATAlMCMGCCsGAQUFBwIBFhdodHRw
czovL3NlY3RpZ28uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBNMEugSaBHhkVo
dHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FFeHRlbmRlZFZhbGlkYXRp
b25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYYGCCsGAQUFBwEBBHoweDBRBggrBgEFBQcw
AoZFaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRXh0ZW5kZWRWYWxp
ZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz
cC5zZWN0aWdvLmNvbTBFBgNVHREEPjA8ghp3ZWJwb3J0YWwzLmRvdC5zdGF0ZS5t
bi51c4Ied3d3LndlYnBvcnRhbDMuZG90LnN0YXRlLm1uLnVzMIIBfgYKKwYBBAHW
eQIEAgSCAW4EggFqAWgAdgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yC
igAAAX9MK5N5AAAEAwBHMEUCIFziB1MLAT4AoUKEJpCVPFdZDxFq0i1CKiBBWlbo
YcUrAiEAvGaz+F4G/WnUuSiGCfNAGADccq1Vu2FqZ42aM0x1EP4AdgBVgdTCFpA2
AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAX9MK5NTAAAEAwBHMEUCIQCgFopZ
gODIuu+M1rSUoee07r8Yq4PalaD7UR4c/7H9lQIgXBcjKXHh61NSLJ7agqIcNvXQ
Ug3S/wdVQ8usdJcb6Z8AdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1Lr
UgAAAX9MK5OGAAAEAwBHMEUCIQDgkGMRxH5uiySduvYAcGNznDHozMfkEhW6+kLA
mjPtpAIgNYSQZraa6IwlF7gJiZPoRQMnnNrKOqD8dkbR/YBXHtUwDQYJKoZIhvcN
AQELBQADggEBAGYCff9T2jcL7ZHQwN9h8TQQPp413txP4LT8Y0iH5emTHHFyYAxU
bglgI+EesFaxnnZkQ9ZiYM5qT5HSF3hTO0HWdJKgrOS9UVnZcsURFt8UVKHylgTV
UhF9Yo9KezW+yFTPGmwVvp0P4nBUGCfqTpDBNxUL/1ZLXuS6YqZxBtgwd88iJVUt
296cCS2Q1HaAZuQWqL99IV2THBUA266L82goTZywNcjV6L5Gc1zu4m/7F2Edsd/h
4d4wcHJwmpMFnyVF+1YiFpmb7NA8x9CzAh7S29Teo6u6jzV//iX093BJ6dMvKmYK
b6DoI1hW9oLKTgTwTINi3E3vz2E1ICc6Zfk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysGD/TDYTAmNNz5DW5W+
XbNE1lL+yx64cXLw3v1dbie+hgOR1R5p4Yx7/FfxcnXv0CQuS/rqej1/n4MjC7tT
G860ansoQFQlsl4qXv5elARjCSbopOljQXJDHj41lI2SroC+Z/BnKdlGT0ClxRYN
G4kmcZcaq97gzcGrBcB9JWwGdXMl1JB1tF/CTvwn2+yOzNOc+BteZo6vErsi0WmT
1juqnyoHMgH0HNtz1qBLZ+5J5XHIOxPyhpFrQrHwAeuUiW2SxmbYEw4fdlJJG2ZW
dz5jdq4VuHX7O2I1VFYhXFnCGMuDRapHUcGrgMxmWPy8VnEtik4CIcUfzJ3WnTFe
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 79284808435436858462332071659132194676
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'State of Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Dept of Transportation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'webportal3.dot.state.mn.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25595563693273703252786907536455940193046341524351275450513339207086704608718271577507644693510500245888331620323339083550819876333706195093415114175014303482276922378606285527523188030480818057971025561970345917893738670691895846044696694501481961023768180643497455671958823961875991316693300904152204786702830888726017433871611349839707701967920779581157330962056233021339106327383481085820384368649965367394295776824493191782124336873047730475334876294236316224996770079068695434458286727887378764785119135643852823599585682974758558727009576633019062124858318034665781893533472553871010494038263577507895859830361
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							142f907f9d34e38836612334ab814af217f7affb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webportal3.dot.state.mn.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.webportal3.dot.state.mn.us'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017f4c2b9379000004030047304502205ce207530b013e00a142842690953c57590f116ad22d422a20415a56e861c52b022100bc66b3f85e06fd69d4b9288609f3401800dc72ad55bb616a678d9a334c7510fe0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017f4c2b93530000040300473045022100a0168a5980e0c8baef8cd6b494a1e7b4eebf18ab83da95a0fb511e1cffb1fd9502205c17232971e1eb53522c9eda82a21c36f5d0520dd2ff075543cbac74971be99f0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017f4c2b93860000040300473045022100e0906311c47e6e8b249dbaf6007063739c31e8ccc7e41215bafa42c09a33eda4022035849066b69ae88c2517b8098993e84503279cdaca3aa0fc7646d1fd80571ed5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0066027dff53da370bed91d0c0df61f134103e9e35dedc4fe0b4fc634887e5e9931c7172600c546e096023e11eb056b19e766443d66260ce6a4f91d21778533b41d67492a0ace4bd5159d972c51116df1454a1f29604d552117d628f4a7b35bec854cf1a6c15be9d0fe270541827ea4e90c137150bff564b5ee4ba62a67106d83077cf2225552ddbde9c092d90d4768066e416a8bf7d215d931c1500dbae8bf368284d9cb035c8d5e8be46735ceee26ffb17611db1dfe1e1de307072709a93059f2545fb562216999becd03cc7d0b3021ed2dbd4dea3abba8f357ffe25f4f77049e9d32f2a660a6fa0e8235856f682ca4e04f04c8362dc4defcf613520273a65f9