shpivee1-01.roche.com
Issued by GeoTrust DV SSL CA - G3
About this certificate
This digital certificate with serial number 7c:38:c4:57:56:bc:a8:46:f9:fa:49:f0:46:3f:73:8f was issued on by GeoTrust Inc..
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=shpivee1-01.roche.com
GeoTrust Inc.
Organization:
GeoTrust Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 7c:38:c4:57:56:bc:a8:46:f9:fa:49:f0:46:3f:73:8fSerial Number (int): 165119022373383756621247471979956499343
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ad:65:22:85:90:d0:3b:e3:a1:49:8b:37:f9:f1:0b:1d:5f:17:a0:77
Fingerprint (sha1): 6b:83:73:69:65:9b:c2:ac:66:54:d3:37:e3:fa:86:7c:dd:68:ed:53
Fingerprint (sha256): 01:ac:b8:fb:60:79:3a:0c:c1:0e:37:cb:fd:12:cd:4c:c7:c8:a3:8e:1a:d0:78:8e:64:f6:1d:b1:b7:2c:68:8b
Issuing Certificate URL: http://gt.symcb.com/gt.crt
Revocation information
OCSP Server: http://gt.symcd.comCRL Distribution Point: http://gt.symcb.com/gt.crl
Check the revocation status for certificate shpivee1-01.roche.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for shpivee1-01.roche.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
shpivee1.roche.com
glomra.roche.com
shpivee1-01.roche.com
glomra.roche.com
shpivee1-01.roche.com
Other certificates including the domain name roche.com
(limited to 100 certificates)
involve.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
Certificate
The complete raw certificate details for shpivee1-01.roche.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgIQfDjEV1a8qEb5+knwRj9zjzANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD QSAtIEczMB4XDTE3MDcwNTAwMDAwMFoXDTE5MDcwNTIzNTk1OVowIDEeMBwGA1UE AwwVc2hwaXZlZTEtMDEucm9jaGUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAx4llBWHcpa2LcVhr4HouJUVRUH3T961wy4UQoN7/JD/O1zxdvFbF 56jNAQkxwcuyZ45midQvT9P7vTurJklyPT/uXpe+8I7NWTtL+cr5j1edfj4909bQ afXDG4szeduzBpG3NIYIigW5xJwDOgzfGX0GQslwRoxWd/ak2FEVI2Kt0J/JL5rb 9RBccOB/FzCkyts426gR1uh/wyrWA/OzKgKdnfkFQTuHlixXs3ZJUWQ9yzgSwp3H wO6pgkvLk4NLqmMTSrzp7A3Xd5ispvttt0vmCEbAhVdrup+xjgd4VyeRIh3E0NC3 8KQ6jmn/KsiOsstrLpDiW73itFdY8Lzk8G9cpkBSit793y6qN1WIPCi6Mr39Pl1Y yHH7OO/bW210KsA/fx7NzzOf8qRw1pMO2RVM19DP/aTk6evPFFoCEDnpQm0QGEAm 9n/NfBmhs7LB7tckxwIbl38pzXebipvOj2BwqlqSV32MwZSq9qTpl9DFyvoMTFYa GQ8sGmxs8O5MOfSM3muIdXp4qHwMoTAwn9ZPeYGP9XiKe7r7x/hVIbmSOxSct3Ds 0rNJa3yj4AGhXsTe588CF5hT/Z89mzN8A+SeAPCph344e1d4Uf2aoWF1mTeDZZo+ 4uYdPF5pIWSO7P9uDm4vRR2+7NRGnmdIG9aiOP56NYBYqZpCmNPUAuUCAwEAAaOC AeIwggHeMEYGA1UdEQQ/MD2CEnNocGl2ZWUxLnJvY2hlLmNvbYIQZ2xvbXJhLnJv Y2hlLmNvbYIVc2hwaXZlZTEtMDEucm9jaGUuY29tMAkGA1UdEwQCMAAwKwYDVR0f BCQwIjAgoB6gHIYaaHR0cDovL2d0LnN5bWNiLmNvbS9ndC5jcmwwgZ0GA1UdIASB lTCBkjCBjwYGZ4EMAQIBMIGEMD8GCCsGAQUFBwIBFjNodHRwczovL3d3dy5nZW90 cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwQQYIKwYBBQUHAgIw NQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5 L2xlZ2FsMB8GA1UdIwQYMBaAFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUH AQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ3Quc3ltY2QuY29tMCYGCCsGAQUF BzAChhpodHRwOi8vZ3Quc3ltY2IuY29tL2d0LmNydDATBgorBgEEAdZ5AgQDAQH/ BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOucAqOdOTUDIOFHI93dQ/ZLjHIGcYFsz 4BsGVpwKQMrUgAERvrEBKdvM1oGSaqiwYCjnNtyolOK8Ur+Yz/Rwc7KcT28rifDU 9NDHnFfLh/0y+lcHTaa+zuuGVYNek2FUT66xhb6Km6Dd9zWin9OjyBVWBtf8Q9j2 QDSwrL98tyXv6Vna6feZITeXQjm56Q9xPKG2L/629MVRMHxqaJ7hAc3GAw5JlC2E kpuOv7XNvbRQPh092bh1y8ok77MlpQEqGGGWNca8onTJXkFZOIXN0yLW+cm+r1AG QCNzrj/qAT7KVGy/SIbcZaX8zg9W5t0JkgrudFZCL1gHngw9C7a3HA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx4llBWHcpa2LcVhr4Hou JUVRUH3T961wy4UQoN7/JD/O1zxdvFbF56jNAQkxwcuyZ45midQvT9P7vTurJkly PT/uXpe+8I7NWTtL+cr5j1edfj4909bQafXDG4szeduzBpG3NIYIigW5xJwDOgzf GX0GQslwRoxWd/ak2FEVI2Kt0J/JL5rb9RBccOB/FzCkyts426gR1uh/wyrWA/Oz KgKdnfkFQTuHlixXs3ZJUWQ9yzgSwp3HwO6pgkvLk4NLqmMTSrzp7A3Xd5ispvtt t0vmCEbAhVdrup+xjgd4VyeRIh3E0NC38KQ6jmn/KsiOsstrLpDiW73itFdY8Lzk 8G9cpkBSit793y6qN1WIPCi6Mr39Pl1YyHH7OO/bW210KsA/fx7NzzOf8qRw1pMO 2RVM19DP/aTk6evPFFoCEDnpQm0QGEAm9n/NfBmhs7LB7tckxwIbl38pzXebipvO j2BwqlqSV32MwZSq9qTpl9DFyvoMTFYaGQ8sGmxs8O5MOfSM3muIdXp4qHwMoTAw n9ZPeYGP9XiKe7r7x/hVIbmSOxSct3Ds0rNJa3yj4AGhXsTe588CF5hT/Z89mzN8 A+SeAPCph344e1d4Uf2aoWF1mTeDZZo+4uYdPF5pIWSO7P9uDm4vRR2+7NRGnmdI G9aiOP56NYBYqZpCmNPUAuUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 165119022373383756621247471979956499343 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust DV SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'shpivee1-01.roche.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 814038705158822735715592819434095180854619744245611667026383457779602376391063675153812711103738870633185150649306484481678998589656895184994613330941095509617303129285052673326248320011485149591187288084642984864957673415834736161620036347302083168230064228315935625952432497937331363795381253473616227842895454060808749185378621550954494187746837984754386431214675500330424817385689632832125616269663596223164461017985388225813194291004912230358728214689220934121053250399983900733318100043088144665946087023237485461179806516762172341207083670370388522704191247302003263971422678228726293332040762430519198913348385083584823488042437042344361075939184867637929708023548052918069161944665420788465527631903934597677910688214489946797471719891964059250944145588452220324481370991106912246225947394987702669787120595326789774195042460872366711630173966118258254998226025457843210955609215012795708478891752846152135386406444278950684634032060769307328000715917407028137918002602754489420556242074005353625873879602187074401336256773196897471146845840246239955443796336445468220791846660433239778619475392065425884400450385339866838252815414343602828153989309303052367506955683935463704426581364297705429962868661529169073239393305317 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shpivee1.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'glomra.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shpivee1-01.roche.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcb.com/gt.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ad65228590d03be3a1498b37f9f10b1d5f17a077 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcb.com/gt.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003ae700a8e74e4d40c83851c8f77750fd92e31c819c605b33e01b06569c0a40cad4800111beb10129dbccd681926aa8b06028e736dca894e2bc52bf98cff47073b29c4f6f2b89f0d4f4d0c79c57cb87fd32fa57074da6beceeb8655835e9361544faeb185be8a9ba0ddf735a29fd3a3c8155606d7fc43d8f64034b0acbf7cb725efe959dae9f7992137974239b9e90f713ca1b62ffeb6f4c551307c6a689ee101cdc6030e49942d84929b8ebfb5cdbdb4503e1d3dd9b875cbca24efb325a5012a18619635c6bca274c95e41593885cdd322d6f9c9beaf5006402373ae3fea013eca546cbf4886dc65a5fcce0f56e6dd09920aee7456422f58079e0c3d0bb6b71c